Cyber Security Managed Services (CMS) | Sentinel SOAR - TechOps Senior Engineer

Taguig, PH, 1634

EY

With our four integrated service lines, Assurance, Tax, Consulting, and Strategy and Transactions, together with our industry knowledge, we support our clients in...


Cyber Managed Service - Threat Detection & Response - Security Orchestration, Automation and Response (Sentinel SOAR) - Senior

Key capabilities:

•    Excellent teamwork skills, passion and drive to succeed and combat cyber threats.
•    Working with the customer to identify security automation strategies and provide creative integrations and playbooks.
•    Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs.
•    Responsible for execution and maintenance of Sentinel SOAR related analytical processes and tasks.
•    Management and administration of the Sentinel SOAR platform.
•    Developing custom scripts and playbooks to automate repetitive tasks and response actions.
•    Experienced developer with at least 2+ years of experience using the Python programming language, REST APIs and JSON. Must have basic SQL knowledge.
•    Knowledge of incident response and threat intelligence tools.
•    Creation of reusable and efficient Python-based playbooks.
•    Use the Splunk SOAR platform to enable automation and orchestration across various tools and technologies by making use of existing or custom integrations.
•    Partner with security operations teams, threat intelligence groups and incident responders.
•    Should have worked in a security operations center and gained an understanding of SIEM solutions such as Splunk, Microsoft Sentinel and other log management platforms. Experience in Splunk content development will be an added advantage.
•    Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers.
•    Good grasp of conceptualizing and/or implementing automation for business process workflows.
•    Knowledge of network monitoring technology platforms such as Fidelis XPS or others.
•    Knowledge of endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others.
•    Should be able to assist with, support and mitigate production issues.
•    Should have the capability to work with partners and client stakeholders to fulfil their requests.
•    Ability to coordinate with vendors through to incident closure according to severity.
•    Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement.

Qualifications & experience:

•    Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate to deploying and integrating the Sentinel SOAR solution in global enterprise environments.
•    Strong oral, written and listening skills are an essential component of effective consulting.
•    Strong background in network administration. The ability to work at all layers of the OSI model, including being able to explain communication at any layer, is necessary.
•    Should have strong hands-on experience with scripting technologies such as Python, REST, JSON, SOAP, ODBC, XML, etc.
•    Must have an honours degree in a technical field such as computer science, mathematics, engineering or a similar field.
•    Minimum 2 years of working in SOAR (Sentinel).
•    Experience in process development, process improvement, process architecture, and training.
•    Quick to comprehend and adapt to new applications.
•    Knowledgeable in cybersecurity and incident response management.
•    Certification in any one SIEM solution, such as Splunk or SC-200, will be an added advantage.
•    Certifications in a core security-related discipline will be an added advantage.

Region: Asia/Pacific
Country: Philippines
