XSOAR Engineer

21 Jan 2024
California City, California 93504, USA

Vacancy expired!

Location: Remote (Must work PST hours)

Duration: 3-4 months

Responsibilities/Job Duties/Job Description/Qualifications:
Top 3 skills the client is looking for in a candidate: SOAR experience, preferably Demisto/XSOAR; programming/coding/scripting (Python preferred, PowerShell/Java secondary); SIEM rule development in QRadar
Major Areas of Responsibility/Tasks
  • Develop automation and orchestration use cases in a SOAR (Security Orchestration, Automation and Response) platform, preferably Palo Alto Demisto/XSOAR
  • Develop innovative monitoring and detection solutions using client’s tools and other skillsets such as scripting
  • Establish and maintain excellent working relationships/partnerships with the cyber security and infrastructure support teams throughout the Information Technology organization, as well as business units
  • Responsible for maintaining the configurations of content of various key security tools to meet the business objectives of the SIOC
  • Prepare, document, and maintain standard operating procedures, protocols, and technical references for security solutions/tools
  • Support processes to monitor the effectiveness and optimize the capabilities of the security tools used by the SIOC
  • Engineer and implement security measures for the protection of systems, networks and information
  • Mentor junior staff in cybersecurity techniques and processes
  • Research security technologies and collaborate with peers to stay abreast of innovations in the industry
  • Identify and define requirements for new security capabilities and tools
  • Evaluate new technologies and processes that enhance security capabilities
  • Test new security solutions using industry standard analysis criteria
  • Write technical articles for knowledge sharing
  • Work with system owners and SIOC team members to find innovative ways to solve or improve existing production security issues
Prior Experience Required:
  • Minimum 5 years of Security engineering experience, with at least 3 years of experience in security solutions deployment
Desired:
  • Palo Alto Demisto/XSOAR SOAR
  • IBM QRadar
  • Palo Alto NGFW
  • Utility Industry Knowledge, Skills, and Abilities
Technical Competencies Required:
  • Experience with scripting such as Python/PowerShell
  • Proven working experience in building and maintaining security systems
  • Hands-on experience working with security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
  • Thorough understanding of the latest security principles, techniques, and protocols
  • Problem solving skills and ability to work under pressure
  • Deep knowledge of log, network, and system forensic solutions
  • Deep knowledge of diverse operating systems, networking protocols, and systems administration
  • Deep knowledge of IT core infrastructure and cyber security components/devices
  • Deep knowledge of TCP/IP Networking and knowledge of the OSI model
Desired:
  • Experience with SOAR use case development, preferably Palo Alto Demisto/XSOAR
  • Experience with IBM QRadar and Palo Alto Networks
  • Experience working in a SOC or as a security analyst
Skills: First and foremost, need some SOAR experience, prefer Demisto/XSOAR. Most of the work is done in Python. SIEM is QRadar, which ties into XSOAR; experience with QRadar and rule development. Security engineering experience as well is a plus. But most importantly need to have SOAR experience and automation.
