SOAR, Cyber security

Requirements

• Qualifications: BE / M.Tech / MSc (IT, Computer Science) / MCA
• Key Responsibilities:
• Develop and optimize Security Orchestration, Automation, and Response (SOAR) solutions to enhance organizational security posture.
• Integrate various security tools and technologies into cohesive systems that support automated response to incidents.
• Analyze security incidents and implement automated workflows to reduce response times and mitigate potential threats.
• Collaborate with cybersecurity teams to identify, prioritize, and respond to security vulnerabilities and incidents.
• Provide ongoing support for the SOAR platform, including configuration changes and updates.
• Create and maintain process documentation, runbooks, and playbooks to support automation efforts.
• Conduct regular assessments of automated responses to ensure effectiveness and make necessary adjustments.
• Stay informed on emerging threats, security trends, and SOAR technologies to guide enhancements and adaptations.
• Experience & skills:
• Minimum 5 years of experience working in cyber security and SOAR technologies.
• Experience with Security Information and Event Management (SIEM) tools and approaches to automate incidents.
• Proficient in scripting languages (Python, PowerShell, etc.) for automation purposes.
• Strong understanding of incident response processes and methodologies.
• Knowledge of threat intelligence, vulnerability management, and risk assessment practices.
• Demonstrated experience with various security tools (EDR, firewalls, IDS/IPS, etc.) that can be integrated into a SOAR platform.
• Ability to analyze data and logs effectively to derive insights and actionable recommendations.
• Excellent communication skills for interaction with stakeholders and for presenting findings and strategies.
• Strong problem-solving skills and an analytical mindset to deal with complex security challenges.
• Certification Preference:
• Preferred certifications that demonstrate expertise in SOAR or cybersecurity include:
• Certified Information Systems Security Professional (CISSP)
• Certified Incident Handler (GCIH)
• Certified Information Security Manager (CISM)
• Security Operations and Automation Specialist (SOAS)
• GIAC Cyber Threat Intelligence (GCTI)
  

Benefits