4 Swimlane Jobs

Operational security automation is the process of automating some or all aspects of SOC or VOC operations. Replacing manual workflows with automated ones. A fundamental building block of automation is the security playbook. A playbook defines a workflow by outlining the steps teams will take to handle different types of security alerts or events. By developing playbooks ahead of time, teams avoid having to make a response plan every time an alert or event occurs. Responsibilities: Scripting and workflow development, follow proper engineering and integration lifecycles (design, create, test, document, integrate, monitor, maintain) and are designed to be reusable. Creating and integrating APIs to create orchestrated workflows. Autonomously plan security automation daily operations to ensure targets are being met. Identify and recommend necessary changes to the operational security teams to ensure automation and orchestration, maximize team talent and reduce routine tasks. Ensure operational security automations meet business and technical requirements, are maintainable, scalable and meet performance standards Bring external perspective and ideas from relevant sources, keep current with technology and industry best practices of the security industry threat landscape Communicate technical and functional requirements using an effective, efficient, and creative approach with a high degree of collaboration and influence. Work with in-house teams to identify the right mix of tools, techniques, and procedures to translate our needs and future goals into a plan that will enable secure and effective solutions. Qualifications: Extensive experience working in Information Security with focus in operational security. Experience with agile project management processes and methodologies Mandatory 3 years experiences with one of the following SOAR vendor platforms (Tines, Swimlane) Being autonomous. Advanced research, analytical, and problem-solving skills Masters degree in Computer Science, Information Security, or related field

In this vital role, you will collaborate closely with cybersecurity departments to identify and define automation requirements that streamline security processes and incident responses. You will create and refine automation playbooks using low-code platforms, integrate new and existing security tools, and develop custom APIs to ensure seamless inter-connectivity among systems. Additionally, you will engage in the selection and tuning of machine learning algorithms tailored to address specific security challenges faced by the organization. A key component of the role is to maintain up-to-date technical documentation and user guides to support the ongoing use and understanding of automated systems. As the Security Automation Engineer, you must also keep abreast of the latest cybersecurity trends and technologies, sharing insights and best practices with the team to continually enhance the organization's security posture. Roles & Responsibilities Create playbooks using a low-code platform to streamline security operations. Integrate new and existing security tools and platforms; Design, code, and integrate custom APIs. Create technical documentation and user guides. Continuously monitor and maintain the automation platform and ensure that all systems and applications are up to date with the latest security patches and updates. Ensure compliance with relevant regulations (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001, NIST). Keep up to date with the latest security threats, trends, and technologies, and provide recommendations for improving security operations. Triage issues found by tools, external reports, and various tests, to accurately assess the real risks. Offer remediation guidance to partners for identified issues and serve as an escalation resource for developers as they reduce issues. Basic Qualifications Education and Experience:Master's degree and 1 to 3 years of directly related experience; OR Bachelor's degree and 3 to 5 years of directly related experience; OR Diploma and 7 to 9 years of directly related experience. Must-Have Skills Proficiency in Python scripting and automation. Experience with REST API technology. Experience with Linux is a MUST. Experience with Security Orchestration Automation and Response (SOAR) tools (e.g., Swimlane, Cortex XSOAR, etc.). Experience with development of automation playbooks and integrating multiple security tools to enhance efficiency and effectiveness. Preferred Qualifications Knowledge of cybersecurity frameworks, technologies, and best practices. Experience in risk management, incident response, and security governance. Knowledge of security architecture frameworks and principles. Professional Certifications CEH (preferred) CompTIA Security+ (preferred) RHCSA (preferred) CISSP (preferred) Soft Skills Excellent analytical and troubleshooting skills. Strong verbal and written communication skills. Ability to work effectively with global, virtual teams. High degree of initiative and self-motivation. Ability to manage multiple priorities successfully. Team-oriented, with a focus on achieving team goals. Strong presentation and public speaking skills.

What you will do Role Description: In this vital role you will collaborate closely with cybersecurity departments to identify and define automation requirements that streamline security processes and incident responses. The engineer will create and refine automation playbooks using low-code platforms, integrate new and existing security tools, and develop custom APIs to ensure seamless inter-connectivity among systems. Additionally, the engineer will engage in the selection and tuning of machine learning algorithms tailored to address specific security challenges faced by the organization. A key component of the role is to maintain up-to-date technical documentation and user guides to support the ongoing use and understanding of automated systems. The Security Automation Engineer must also keep abreast of the latest cybersecurity trends and technologies, sharing insights and standard processes with the team to continually enhance the organizations security posture. Roles & Responsibilities: Create playbooks using a low-code platform to streamline security operations Integrate new and existing security tools and platforms; Design, code, and integrate custom APIs. Create technical documentation and user guides. Continuously monitor and maintain the automation platform and ensure that all systems and applications are up to date with the latest security patches and updates. Ensure compliance with relevant regulations (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001, NIST). Keep up to date with the latest security threats, trends, and technologies, and provide recommendations for improving security operations. Triage issues found by tools, external reports, and various tests, to accurately assess the real risks. Offer remediation guidance to partners for identified issues and serve as a customer concern resource for developers as they reduce issues. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Masters degree and 1 to 3 years of directly related experience OR Bachelors degree and 3 to 5 years of directly related experience OR Diploma and 7 to 9 years of directly related experience. Must-Have Skills: Proficiency in Python scripting and automation Experience with REST API technology Experience with Linux is a MUST Experience with Security Orchestration Automation and Response (SOAR) tools (e.g. Swimlane, Cortex XSOAR, etc.) Experience with development of automation playbooks and integrating multiple security tools to enhance efficiency and effectiveness Preferred Qualifications: Knowledge of cybersecurity frameworks, technologies, and standard methodologies Experience in risk management, incident response, and security governance Knowledge of security architecture frameworks and principles Professional Certifications: CEH (preferred) CompTIA Security+ (preferred) RHCSA (preferred) CISSP (preferred) Soft Skills: Excellent analytical and troubleshooting skills Strong verbal and written communication skills Ability to work effectively with global, virtual teams High degree of initiative and self-motivation Ability to manage multiple priorities successfully Team oriented, with a focus on achieving team goals Strong presentation and public speaking skills

Observability Engineer: Define and implement new monitoring definitions following best practices. Focus on Infrastructure monitoring (mandatory); Application stack monitoring is a plus. Tune monitoring definitions to reduce operational noise. Experience working with SolarWinds and ServiceNow ITOM AIOPs. ITOM AIOPs Event Management: Tune monitoring policies and event rules. Optimize Operational Intelligence configurations. Optimize architecture and usage of Midservers for monitoring. Configure Health Log Analytics; recommend appropriate logging sources to enhance monitoring and detect change-related alerts. Configure Agent Client Collector (ACC) monitoring, aiming to replace SolarWinds for server monitoring. Develop and configure Service and Configuration Item (CI) binding rules for monitoring. Develop automated alert response mechanisms: Fully automated responses for automatic alert resolution. Playbook actions in ServiceNow triggered manually by agents. Automation can be implemented via scripts, ServiceNow OOTB/custom responses, or Swimlane workflows. Duration: 3-6 months contract followed by C2H (Contract to Hire) Note: Candidates unwilling to convert after 3-6 months will not be considered Shift Timings: 5 PM 2 AM IST