SOAR Engineer

Xantrion is a leading managed security service provider on a mission to empower mid-sized businesses with technology and cybersecurity peace of mind. We are building a stellar team of technology experts who love helping our clients be the best they can be.

Joining Xantrion's Security and Reliability team means working with a group of people who are passionate about safeguarding our clients. Our 24/7 Cybersecurity and Systems Operations Center (CSOC) provides continuous monitoring, detection, and response services. Our cybersecurity engineering and consulting teams work together to deliver a full suite of cybersecurity services.

This is a contract position (6 months) and is 100% remote with the option to work from our office in Lafayette, CA.

About the position
As a SOAR engineer, you will assist the CSOC by building security tool integrations and automations for the SOAR platform that will enable the CSOC to respond and investigate more effectively and efficiently. Our SOAR platform is the core of our internal alert management system.

The candidate should have experience working well in small teams, being flexible by performing multiple roles, and have a solid knowledge of networking, cybersecurity, and coding. This position will also involve collaborating to define engineering requirements and priorities. The SOAR Engineer position reports to the Security and Compliance Manager.

You will make an impact in the first 30 days by: 

• Working with management and security analysts to prioritize the engineering backlog. 
• Developing automation workflows and system integrations to increase efficiency and quality of security operations.

Responsibilities

• Collaborate with stakeholders to manage the engineering backlog, including researching, updating, and collecting requirements for work items.
• Write, test, and maintain automation workflows within SOAR platform.
• Build API-based integrations between tools that streamline, simplify, and improve operational efficiencies.
• Author and maintain documentation for all code, integrations, and workflows.
• Work cross-functionally with other members and teams within the entire Xantrion organization.

Knowledge & Experience

• 5+ years of experience in cybersecurity, information technology, or a related field.
• Strong programming skills in Python or PowerShell languages.
• Strong Application Programming Interface (API) integration skills.
• Strong understanding of computer networking and cybersecurity fundamentals.
• Experience with SOAR platforms (e.g., Tines, Torq, Chronicle, Splunk, XSOAR) preferred.
• Strong understanding of a variety of security tools and technologies (EDR, SIEM, Vuln Mgmt., etc.).
• Experience administering Microsoft Azure, Amazon Web Services (AWS), or Google Cloud Platform (GCP).
• Strong analytical and problem-solving skills.
• Ability to work effectively in a team-oriented environment.
• Excellent organizational, writing, and communication skills.
• Self-starter with the ability to work independently, proactively take ownership of work.
• Proven ability to manage projects, meet deadlines, and achieve high levels of quality.
• Relevant training and certifications (e.g., CISSP, OSCP, CEH, CySA+, Security+) are preferred.

Benefits

• Pay Rate $70 - $90/hr.
• Flexible remote work schedule

Xantrion is an equal opportunity employer that is committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws. All employment is decided on the basis of qualifications, merit, and business needs at the time.