isecjobs.com

SOAR Cybersecurity Engineer

Bucuresti, RO

Full Time Mid-level / Intermediate EUR 74K - 138K * est.
Company logo

NTT DATA Romania

View all jobs at NTT DATA Romania

Apply now Apply later

Who we are

NTT DATA Romania is looking for a highly motivated and skilled Cyber Security Engineer with a strong focus on Security Orchestration, Automation, and Response (SOAR) to join our cybersecurity operations team. The ideal candidate will possess hands-on experience in designing, developing, and maintaining SOAR playbooks, coupled with a solid foundation in cybersecurity concepts and incident response frameworks. This role is integral to the advancement and automation of our security operations processes.
You will be a member of the Cybersecurity Competence Center, where your skills and contributions to security systems delivery will be very visible. The team is international so you will use English both written and orally, German knowledge would be an advantage.

 

What you'll be doing

 

  • Design, develop, test, and maintain SOAR playbooks across multiple platforms
  • Implement and integrate with REST APIs for threat detection, analysis, and remediation workflows
  • Perform administration, tuning, and optimization of SOAR platforms
  • Develop automation scripts and logic using Python and JavaScript to enhance security workflows
  • Collaborate with cross-functional teams to integrate SOAR with SIEM, EDR, threat intelligence, and incident response tools
  • Maintain up-to-date knowledge of authentication mechanisms such as OIDC and OAuth
  • Manipulate structured data formats including JSON, XML, and transformation languages such as jsonata
  • On Call and On Duty responsibilities

 
What you'll bring along

  • Minimum 3-5 years of experience in a similar role
  • Proficient in Python scripting, with practical experience in automation within a security context
  • Hands-on experience with SOAR playbook development and maintenance
  • Working knowledge of JavaScript scripting for browser or server-side logic
  • Strong expertise in REST API integration and testing tools (e.g., Postman)
  • Experience with SOAR platform administration
  • Familiarity with authentication protocols and standards (OIDC, OAuth, etc.)
  • Experience with data formats and tools: JSON, XML, jsonata
  • General understanding of: Cybersecurity principles, SIEM platforms, Endpoint Detection and Response (EDR) tools such as Crowdstrike or Microsoft Defender, MITRE ATT&CK framework, Threat Intelligence tools and platforms, Incident Response workflows
  • English proficiency, German it would be a plus
  • Experience with one or more of the following SOAR platforms is highly desirable: Swimlane 10x (preferred), Cortex XSOAR, Splunk Phantom, Google Siemplify
  • Nice to Have: Experience in ServiceNow administration, including tables, relationships, and SecOps module development
  • Nice to Have: User and access management skills with tools such as KeyCloak and ServiceNow, with an emphasis on least privilege principles
  • Nice to Have: Understanding of relational (e.g., MariaDB) and non-relational (e.g., MongoDB) databases, including API-based integrations
  • Nice to Have: Familiarity with containerization tools such as Docker
  • Nice to Have: Experience configuring and integrating with monitoring and alerting platforms (e.g., Prometheus, Grafana, Opsgenie)
  • Nice to Have: General experience with cloud platforms and environments
  • Nice to Have: Competency in Linux environments and command-line operations
  • Nice to Have: Basic knowledge of Bash scripting
  • Nice to Have: Strong analytical thinking, problem-solving, and context-switching capabilities
  • Strong communication and documentation skills
  • Ability to work independently and collaboratively in a dynamic team environment
  • Proven ability to prioritize and manage multiple tasks efficiently
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  2  0  0
Category: Security Engineering Jobs

Tags: APIs Automation Bash Cloud CrowdStrike Docker EDR Grafana Incident response JavaScript JSON Linux MITRE ATT&CK MongoDB Monitoring PostMan Prometheus Python REST API Scripting SecOps SIEM SOAR Splunk Swimlane Threat detection Threat intelligence XML XSOAR

Region: Europe
Country: Romania

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Systems Engineer jobsSecurity Operations Engineer jobsSenior Security Analyst jobsSystems Administrator jobsSenior Cybersecurity Engineer jobsCybersecurity Editor jobsCybersecurity Content Editor jobsSenior Information Security Analyst jobsInformation Security Manager jobsCyber Security Specialist jobsIT Security Analyst jobsSenior Network Security Engineer jobsChief Information Security Officer jobsSenior Information Security Engineer jobsSecurity Consultant jobsInformation System Security Officer (ISSO) jobsSenior Product Security Engineer jobsIT Security Engineer jobsSecurity Specialist jobsInformation Systems Security Engineer jobsCyber Threat Intelligence Analyst jobsSenior Cyber Security Engineer jobsCybersecurity Specialist jobsSenior IT Auditor jobsSenior Software Engineer jobs
SaaS jobsEncryption jobsTS/SCI jobsJava jobsCEH jobsSplunk jobsTop Secret jobsThreat detection jobsTerraform jobsIDS jobsSDLC jobsMalware jobsIPS jobsRMF jobsFinance jobsSQL jobsForensics jobsDocker jobsIntrusion detection jobsActive Directory jobsSOC 2 jobsCompTIA jobsOWASP jobsVPN jobsAnsible jobs
ITIL jobsClearance Required jobsTCP/IP jobsCRISC jobsGIAC jobsHIPAA jobsDoDD 8570 jobsIT infrastructure jobsMITRE ATT&CK jobsJira jobsOSCP jobsBanking jobsSOAR jobsData Analytics jobsSOX jobsIndustrial jobsDNS jobsZero Trust jobsCCSP jobsJavaScript jobsUNIX jobsGCIH jobsCISO jobsArtificial Intelligence jobsPolygraph jobs