Posted: 5 days ago
On-site
Full Time
Job Title: L3 SOAR Administrator – ArcSight SOAR Expert
Location: Gurgaon
Experience: 5+ years (Minimum 2+ years in SOAR administration)
Position Type: Full-Time
Department: Cybersecurity / Security Operations Centre (SOC)
Budget: 18-20 LPA

Role Overview:
We are seeking an experienced and skilled L3 SOAR Administrator with hands-on expertise in ArcSight SOAR to lead the administration and enhancement of our SOAR platform. The candidate will be responsible for ensuring platform stability, developing advanced playbooks, integrating threat intelligence feeds, and enabling seamless automation across SOC tools and processes.

Key Responsibilities:

SOAR Platform Administration: Manage and maintain the ArcSight SOAR platform, ensuring high availability and performance. Oversee upgrades, patching, and system optimization.

Playbook Creation & Management: Design, develop, and maintain complex automated playbooks for incident response and security operations. Optimize existing playbooks based on evolving threat scenarios and feedback from L1/L2 teams.

Automation Development: Develop automation scripts and workflows to enhance SOC efficiency. Utilize Python, REST APIs, and built-in SOAR capabilities to build scalable automations.

Integration Management: Integrate ArcSight SOAR with various security technologies including SIEMs, EDRs, firewalls, threat intel platforms, ticketing systems, and email gateways. Ensure seamless bi-directional communication across platforms.

Threat Intelligence Integration: Configure and maintain ingestion of external and internal threat intelligence feeds into SOAR. Automate enrichment and correlation of indicators of compromise (IOCs).

Required Skills & Qualifications:

Minimum 5-8 years of experience in a security operations center (SOC) or incident response role.
Proven expertise in ArcSight SOAR (formerly Micro Focus SOAR).
Strong knowledge of security operations processes, incident response lifecycle, and threat hunting techniques.
Good understanding of SIEM (ArcSight, Splunk, etc.), EDR (CrowdStrike, SentinelOne), and other security tools.
Familiarity with MITRE ATT&CK framework and threat intel feeds.
Good written & verbal communication & presentation skills.
Bachelor's degree in Computer Science, Information Security, or related field (or equivalent work experience).
Intermediate to advanced certifications such as GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), or equivalent preferred.
Strong leadership and communication skills.

Regards
Kirti Rustagi
hr1@raspl.com
RENOVISION AUTOMATION SERVICES PVT.LTD
Gurugram, Haryana, India
Salary: Not disclosed