Lead Cybersecurity – Security orchestration, automation, and response (SOAR) Engineering

Job Description:

Lead Cybersecurity – Security orchestration, automation, and response (SOAR) Engineering

About the Company:

At AT&T, we’re connecting the world through the latest tech, top-of-the-line communications and the best in entertainment. Our groundbreaking digital solutions provide intuitive and integrated experiences for millions of customers across online, retail and care channels. Join our mission to deliver compelling communication experiences to customers around the world as we continue to evolve as a technology-powered, human-centered organization. As part of our team, you’ll transform the way we deliver a seamless customer experience with digital at the center of all you do. In our world, digital is much larger than just an eCommerce channel, we are transforming all channels to digitally perform as one team to create a better customer experience. As we move into 2025, the digital transformation will revolutionize the digital space and you can build a career that will propel your future.

Job Description

As a Lead Cybersecurity with a focus on SOAR, you will be responsible for identification of SOAR use cases and development of SOAR integrations and playbooks. This position will work across security disciplines and with teams outside security to standardize and automate processes for faster response times and improved productivity.

This position requires strong collaborative problem solving, communication, and security architecture knowledge. This position will require focus on a risk-based approach to automation prioritization and demonstration of risk reduction as a result of automation.

This professional must be highly organized and able to manage various stakeholder requests as they arise with strong multitasking skills and technical acumen. In addition, the professional must also be able to assist mentor team members in the designated areas of responsibility.

Experience Level: 12+ years

Location: Hyderabad /  Bengaluru

Responsibilities Include:

The overall objectives and responsibilities for this position are to:

• Identify opportunities for additional automations and improvements to existing automation
• Gather requirements from automation consumers to ensure automation aligns with security and business goals
• Validation of expected functionality for vendor provided SOAR integrations
• Development of custom SOAR integrations where no vendor integrations exist
• Collaborate with stakeholders to ensure automation business value is delivered
• Develop and track automation utilization and effectiveness metrics and represent ROI to leadership
• Focus on continuous improvement and enabling security operations center (SOC) analysts to focus on high priority threats and complex issues through automation

Required skills:

• Overall – At least 12+ years of experience in -
  • SOAR platforms (e.g., Splunk Phantom, Palo Alto Cortex XSOAR, IBM Resilient, etc.)
  • Enterprise security operations and incident response
  • Scripting and automation (e.g., Python, shell scripts).
  • Interacting with APIs and parsing API output

• Experience with security technologies and tools (SIEM, EDR, IDS/IPS, firewalls, etc.).
• Ability to work both independently and as part of a team in a fast-paced, dynamic environment.
• Ability to prioritize individual/group work in a high-activity and time-bound environment
• Flexible to provide coverage in US morning hours on a need-basis, and as required
• Support, guide and mentor peer team members in technical and functional matters
• Strong written, verbal and presentation skills to work effectively across teams
• Sense of urgency and attention to detail

Desired Skills:

• BS Degree or Higher in Computer Science, Cybersecurity, Engineering. MA/MS Degree preferred
• Relevant certifications (e.g., CISSP, SANS GIAC)
• Experience working in an enterprise SOC environment responding to incidents
• Familiarity with regulatory compliance requirements (e.g., GDPR, HIPAA, PCI-DSS).
• Strong ability to break down complex objectives and deliver on time.

Weekly Hours:

40

Time Type:

Regular

Location:

IND:AP:Hyderabad / Atria Building, Plot 17 - Adm: Atria Building, Plot No 17

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities.