SOAR Developer

SOAR Developer

Vacancy expired!

Description

Job Description:

Leidos has an immediate need for a Security Orchestration Automation and Response (SOAR) developer to join our DHS Enterprise Security Operations Center (ESOC) Team. The ideal SOAR Developer is someone who is process driven, efficient, and strives to remove tedium from daily workflows. The developer will support the modernization of DHS ESOC cybersecurity operations, along with responding to emergent development requirements from Security Operations. The ideal candidate will be flexible and ready to work within a DevSecOps model within DHS ESOC which includes incident response operations and development engineers participating together in the entire lifecycle, from design through the development process to production support.

Primary Responsibilities

• Automate DHS ESOC Security Incident Response processes providing the ability to analyze and resolve alerts from existing security tools leveraging a single stream management system
• Develop and maintain custom Swimlane applications for Security Operations workflows
• Assist with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions
• Integrate SOAR platform with other security tools and APIs to execute automated workflows
• Author, test, and maintain automation scripts/workflows within SOAR platform
• Design, implement, and maintain efficient and reusable Python code
• Review, debug, and resolve technical issues throughout all stages of SDLC
• Coordinate with System Administrators, Engineers, and ISSOs to provision service accounts and/or grant required permissions

Basic Qualifications

• The candidate shall have bachelor's degree in Computer Science, Engineering, or related field and a minimum of 3 years of experience in system administration, database administration, network engineering, software engineering, or software development, with a concentration in Cybersecurity.
• At least one of the following certifications: CASP, Security+, GCIH, GCWN, GISF, GSSP, GICSP, GSSP, SEI, CISSP, CSSLP, SSCP, CCNP, CCNP Security, CCIE Security, CEH, ECSP, MCSE, RHCA, RHCE, VCP, VCAP, VCIX, VCDX
• Experience with SOAR platforms such as Swimlane, Phantom, Demisto, etc
• Experience in security process mapping, security process analysis, security process improvement concepts, models, and best practices required
• Proficient in Python scripting
• Working knowledge of REST APIs, JSON, HTML/CSS, Javascript, XML
• Experience as a SOC Analyst and/or Incident Responder
• Experience authoring SOC SOPs, playbooks, work instructions and/or other process documents
• Familiarity with Splunk Search Processing Language (SPL) and/or Elastic Domain Specific Language (DSL)
• Proven Experience building consensus and managing cross-functional teams
• Experience in DevSecOps environment
• Experience writing acceptance criteria and designing user interfaces for a production system
• Department of Homeland Security ESOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.

Preferred Qualifications

• Swimlane Certified SOAR Administrator (SCSA)
• Swimlane Cerrified SOAR Developer (SCSD)
• Client-facing federal consulting and business analysis experience

External Referral Bonus:
Eligible

External Referral Bonus $:
5000

Potential for Telework:
No

Clearance Level Required:
None

Travel:
No

Scheduled Weekly Hours:
40

Shift:
Day

Requisition Category:
Professional

Job Family:
Security Architecture and Engineering

Pay Range: