isecjobs.com

SOAR Cybersecurity Engineer

Bucuresti, RO

Full Time Mid-level / Intermediate EUR 74K - 138K * est.
Company logo

NTT DATA Romania

View all jobs at NTT DATA Romania

Apply now Apply later

Who we are

NTT DATA Romania is looking for a highly motivated and skilled Cyber Security Engineer with a strong focus on Security Orchestration, Automation, and Response (SOAR) to join our cybersecurity operations team. The ideal candidate will possess hands-on experience in designing, developing, and maintaining SOAR playbooks, coupled with a solid foundation in cybersecurity concepts and incident response frameworks. This role is integral to the advancement and automation of our security operations processes.
You will be a member of the Cybersecurity Competence Center, where your skills and contributions to security systems delivery will be very visible. The team is international so you will use English both written and orally, German knowledge would be an advantage.

 

What you'll be doing

 

  • Design, develop, test, and maintain SOAR playbooks across multiple platforms
  • Implement and integrate with REST APIs for threat detection, analysis, and remediation workflows
  • Perform administration, tuning, and optimization of SOAR platforms
  • Develop automation scripts and logic using Python and JavaScript to enhance security workflows
  • Collaborate with cross-functional teams to integrate SOAR with SIEM, EDR, threat intelligence, and incident response tools
  • Maintain up-to-date knowledge of authentication mechanisms such as OIDC and OAuth
  • Manipulate structured data formats including JSON, XML, and transformation languages such as jsonata
  • On Call and On Duty responsibilities

 
What you'll bring along

  • Minimum 3-5 years of experience in a similar role
  • Proficient in Python scripting, with practical experience in automation within a security context
  • Hands-on experience with SOAR playbook development and maintenance
  • Working knowledge of JavaScript scripting for browser or server-side logic
  • Strong expertise in REST API integration and testing tools (e.g., Postman)
  • Experience with SOAR platform administration
  • Familiarity with authentication protocols and standards (OIDC, OAuth, etc.)
  • Experience with data formats and tools: JSON, XML, jsonata
  • General understanding of: Cybersecurity principles, SIEM platforms, Endpoint Detection and Response (EDR) tools such as Crowdstrike or Microsoft Defender, MITRE ATT&CK framework, Threat Intelligence tools and platforms, Incident Response workflows
  • English proficiency, German it would be a plus
  • Experience with one or more of the following SOAR platforms is highly desirable: Swimlane 10x (preferred), Cortex XSOAR, Splunk Phantom, Google Siemplify
  • Nice to Have: Experience in ServiceNow administration, including tables, relationships, and SecOps module development
  • Nice to Have: User and access management skills with tools such as KeyCloak and ServiceNow, with an emphasis on least privilege principles
  • Nice to Have: Understanding of relational (e.g., MariaDB) and non-relational (e.g., MongoDB) databases, including API-based integrations
  • Nice to Have: Familiarity with containerization tools such as Docker
  • Nice to Have: Experience configuring and integrating with monitoring and alerting platforms (e.g., Prometheus, Grafana, Opsgenie)
  • Nice to Have: General experience with cloud platforms and environments
  • Nice to Have: Competency in Linux environments and command-line operations
  • Nice to Have: Basic knowledge of Bash scripting
  • Nice to Have: Strong analytical thinking, problem-solving, and context-switching capabilities
  • Strong communication and documentation skills
  • Ability to work independently and collaboratively in a dynamic team environment
  • Proven ability to prioritize and manage multiple tasks efficiently
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  11  0  0
Category: Security Engineering Jobs

Tags: APIs Automation Bash Cloud CrowdStrike Docker EDR Grafana Incident response JavaScript JSON Linux MITRE ATT&CK MongoDB Monitoring PostMan Prometheus Python REST API Scripting SecOps SIEM SOAR Splunk Swimlane Threat detection Threat intelligence XML XSOAR

Region: Europe
Country: Romania

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Security Operations Engineer jobsSenior Cybersecurity Engineer jobsSenior Security Analyst jobsSenior Cloud Security Engineer jobsSystems Administrator jobsIT Security Analyst jobsCyber Security Specialist jobsSenior Information Security Analyst jobsInformation Security Manager jobsSenior Network Security Engineer jobsSecurity Consultant jobsSenior Product Security Engineer jobsSenior Information Security Engineer jobsInformation Systems Security Engineer jobsChief Information Security Officer jobsSecurity Specialist jobsInformation System Security Officer (ISSO) jobsSenior Cyber Security Engineer jobsIT Security Engineer jobsSenior IT Auditor jobsCyber Threat Intelligence Analyst jobsCybersecurity Specialist jobsSecurity Operations Analyst jobsSenior Software Engineer jobsNetwork Engineer jobs
Java jobsTS/SCI jobsSecurity assessment jobsEDR jobsEncryption jobsSplunk jobsSDLC jobsThreat detection jobsMalware jobsFinance jobsIDS jobsTerraform jobsRMF jobsIPS jobsTop Secret jobsForensics jobsSQL jobsSOC 2 jobsCompTIA jobsDocker jobsActive Directory jobsOWASP jobsClearance Required jobsITIL jobsIntrusion detection jobs
GIAC jobsCRISC jobsAnsible jobsVPN jobsHIPAA jobsTCP/IP jobsOSCP jobsMITRE ATT&CK jobsData Analytics jobsDoDD 8570 jobsSOAR jobsIT infrastructure jobsZero Trust jobsSOX jobsJavaScript jobsBanking jobsDNS jobsIndustrial jobsCCSP jobsJira jobsGCIH jobsNIST 800-53 jobsUNIX jobsSANS jobsCISO jobs