SOAR Engineer - Cyber Security
Warwick, GB, CV34 6DA
Full Time Clearance required GBP 46K - 55K
National Grid
We are one of the world’s largest investor-owned energy companies, committed to delivering electricity and gas safely, reliably and efficiently to the customers and communities we serve.
About The Role
At National Grid, we keep people connected and society moving. But it’s so much more than that. National Grid supplies us with the environment to make it happen. As we generate momentum in the energy transition for all, we don’t plan on leaving any of our customers in the dark. So, join us as a SOAR Engineer, and find your superpower.
National Grid is seeking an innovative SOAR engineering specialist to join the Security Orchestration, Automation and Response (SOAR) Engineering team. The engineers are the primary technical resource for developing automation and response to detect, resolve and mitigate cyber security attacks within the Splunk platform. The successful candidate(s) will possess expertise on advanced data analytics, scripting, and development, and be able to work with the security response and threat management teams to protect our national energy services from cyber disruption.
National Grid is hiring a SOAR Engineer for our Security Orchestration, Automation and Response Engineering team. We offer hybrid/remote working, requiring you to visit the Warwick office at least once a month.
Key Accountabilities
- Work in partnership with the incident response team to implement opportunities for improvement
- Develop and implement automations for detection and response.
- Develop integrations to ingest new data sources via REST APIs
- Be the subject matter expert on big data analytics and automation
- Participate in special projects, as needed, and perform other duties as assigned
- Produce System Analytics to prove automation behavior assumptions
- Document all system changes in line with Change Management good practices
- Recommend, Develop, and Release new Use Cases to maximize the benefits and efficiencies from a SOAR platform.
You will participate in a 24x7 on-call rotation in which you will work on-call roughly 1 week out of every 10. You must be eligible to obtain National Security Vetting (NSV) Security Clearance.
About You
A strong multi-tasker with a keen eye for detail who thrives in a fast-paced work environment. Innovative, analytical, and driven.
- Experience with Splunk, Splunk Enterprise Security, Splunk SOAR (Formerly Splunk Phantom) and/or Splunk User Behaviour Analytics
- A passion for security automation and a solid understanding of security incident response
- Knowledge of security frameworks including MITRE ATT&CK, NIST, etc.
- Working experience and knowledge of operating systems (e.g. Windows, UNIX/Linux)
- Experience building queries for relational databases
- Knowledge of various scripting and programming languages (Java, Perl, Bash, R, Python, C++ etc.) is a plus
- Must be able to work independently as well as work as part of a fast-moving team
- Understanding of entire technology stack of networks, databases, applications, and endpoints
- Experience planning, researching, and developing security policies, standards and procedures is a plus.
What You'll Get
A competitive salary between £46,415 and £55,000, dependent on capability
As well as your base salary, you will receive a bonus based on personal and company performance and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 12%. You will also have access to a number of flexible benefits such as a share incentive plan, salary sacrifice car and technology schemes, support via employee assistance lines and matched charity giving to name a few.
At National Grid, we work towards the highest standards in everything we do, including how we support, value and develop our people. Our aim is to encourage and support employees to thrive and be the best they can be. We celebrate the difference people can bring into our organisation, and welcome and encourage applicants with diverse experiences and backgrounds, and offer flexible and tailored support, at home and in the office.
Our goal is to drive, develop and operate our business in a way that results in a more inclusive culture. All employment is decided on the basis of qualifications, the innovation from diverse teams & perspectives and business need. We are committed to building a workforce so we can represent the communities we serve and have a working environment in which each individual feels valued, respected, fairly treated, and able to reach their full potential.
Tags: Analytics APIs Automation Bash Big Data C Clearance Data Analytics Incident response Java Linux MITRE ATT&CK NIST Perl Python RDBMS Scripting Security Clearance SOAR Splunk UNIX Windows
Perks/benefits: Competitive pay Flex hours Salary bonus