SOAR Engineer / Automation Analyst (DSC/JH)
2 months ago
This role is focused on the automation and orchestration of security processing within the ST Engineering SOC environment. This person will have the opportunity to work on technology and processes with a global reach and is an integral part of the security controls that the company uses to protect its data and intellectual property.
To be successful, you will need to demonstrate that you have the skills and aptitude to understand and support the complex systems and processes that enable the delivery of our world-class services. This position also requires the ability to work with a variety of different groups; communicate effectively electronically and in person; drive a problem to resolution or know when to escalate and seek assistance; and work independently and as part of a team. It also requires keen attention to detail and follow-through on work items.
Responsibilities:
- Proactive and creative creation of automated workflows to reduce manual processes and to meet client requirements.
- Updating playbook documentation to ensure all creation, updates, and changes are recorded.
- Work closely with the operations team, customer success manager, and threat detection team to ensure that the input and output of the playbook meet the requirements.
- Perform a certain amount of scripting to create unique integrations or workflows (preferably Python).
- Be the Subject Matter Expert (SME) for all issues in relation to automation.
- Identify opportunities to improve processes and/or tools to ensure the highest level of quality, including documentation, mentoring and training sessions.
- Assist in any ad-hoc tasks when necessary.
Requirements:
- Experience with SOAR, SIEM and other security products within a SOC environment.
- Knowledge of cyber attack vectors, security threats and mitigation techniques.
- Possesses relevant professional certifications.
- Ability to deal with the ambiguity associated with working in a fast-paced and changing environment.
- Understanding of or exposure to multiple programming languages is a plus.
- Knowledge and/or experience in reverse engineering of software is a plus.
- 1 to 3 years in a SOC environment preferred.
- Good knowledge / experience of ITSM processes, with 2-5 years of hands-on experience (knowledge of the ServiceNow ITSM / SecOps module will be an advantage).
- Good knowledge / experience of Python scripting, with 2-5 years of hands-on experience in using Python (knowledge of using Palo Alto XSOAR will be an advantage).
- Possesses problem-solving skills, with a good methodology for analysing an issue / problem, finding the root cause and solving it.
- Possesses the mindset and curiosity to automate workflows and improve processes within the SOC (candidates with a SOC background preferred).
- Possesses the ability to work in a fast-moving environment with short turnaround times.
- A good team player with a keen interest in process flow who prefers an automated way of working over a manual one.
- Requires working after office hours / activation to resolve SOAR issues.
Work Location: Ang Mo Kio
Official account of Jobstore.