SOAR Engineer

Introduction

Your Role And Responsibilities

• Work experience - 5+ Years
• Proactively lead and support incident response team during an incident.
• Experience in advance investigation, triaging, analysis and escalation of security incidents with recommendations
• Hands-on basic experience with configurations and management of SIEM tools(Qradar) including log source integrations, custom parser built, fine tuning and optimizing the correlation rules and use cases recommendations Is MUST.
• Proven Experience on any of the Security information and event management (SIEM) tools using Qradar
• Data-driven threat hunting using SIEM, EDR and XDR tools
• Basic Experience is SOAR tools such as Qradar Resilient, PaloAlto XSOAR
• Identify quick defence techniques till permanent resolution.
• Recognize successful intrusions and compromises through review and analysis of relevant event detail information.
• Review incidents escalated by Level 1 analysts.
• Launch and track investigations to resolution. Recognize attacks based on their signatures, differentiates false positives from true intrusion attempts.
• Actively investigates the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notifies end users when appropriate.
• Identify the gaps in security environment & suggest the gap closure
• Drive & Support Change Management
• Performs and reviews tasks as identified in a daily task list.
• Report Generation and Trend Analysis. Participate in the Weekly and Monthly governance calls to support the SOC metrics reporting
• Good to have hands on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc.
• Willing to work in 24x7 rotational shift model including night shift.
  

Preferred Education

Required Technical And Professional Expertise

• Hands-on experience required in Qradar SIEM and SOAR.
• Desired experience in Threat hunting, Threat intelligence.
• Worked on tools belongs to Qradar, UEBA, UAX.
• Must have desire to learn or cross skill with new technologies.
• Must be able to work in morning, evening, and night shifts (24*7) - Mandatory.
• Bachelor’s degree in engineering/information security, or a related field.
• Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent.
• Proven experience to work in a SOC environment.
• Deep technical knowledge of security technologies and advanced threat landscapes.
• Proven experience in managing and responding to complex security incidents.
• Strong analytical and problem-solving skills.
• Excellent communication and collaboration abilities.
• Ability to work in a fast-paced, dynamic environment.
  

Preferred Technical And Professional Experience

• Hands-on experience required in Qradar SIEM and SOAR.
• Desired experience in Threat hunting, Threat intelligence.
• Worked on tools belongs to Qradar, UEBA, UAX.
• Must have desire to learn or cross skill with new technologies.
• Must be able to work in morning, evening, and night shifts (24*7) - Mandatory.
• Bachelor’s degree in engineering/information security, or a related field.
• Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent.
• Proven experience to work in a SOC environment.
• Deep technical knowledge of security technologies and advanced threat landscapes.
• Proven experience in managing and responding to complex security incidents.
• Strong analytical and problem-solving skills.
• Excellent communication and collaboration abilities.
• Ability to work in a fast-paced, dynamic environment.