Senior SOC Engineer SOAR

Job Description

Responsibilities

• Manage and maintain SOAR services within the SOC environment.
• Hands-on experience with platforms like Splunk SOAR, FortiSOAR, or Cortex XSOAR.
• Onboard new log sources and integrations into SOAR in collaboration with SOC and stakeholders.
• Ensure proper functionality and integration of critical log sources with SIEM/SOAR.
• Design and implement SOAR playbooks and workflows for automation and incident response.
• Integrate SOAR with SIEM, threat intelligence, ticketing systems, and other security tools.
• Work with SOC analysts to streamline triage, investigation, and remediation processes.
• Maintain and update SOAR components; monitor performance and troubleshoot issues.
• Develop custom scripts and connectors to enhance automation capabilities.
• Continuously refine playbooks based on evolving threats and feedback.
• Document workflows, integrations, and operational procedures.
• Ensure compliance with internal policies and regulatory requirements.
• Support process improvements to increase SOC efficiency and effectiveness
• Profound knowledge and hands-on experience with Splunk SOAR and other related SOC Technologies like SIEM, EDR, NDR amongst others.
• Understanding of SOC workflows, MITRE ATT&CK framework, and threat detection methodologies.
• Ability to correlate data across multiple sources to identify patterns and anomalies.
• Strong understanding of cloud and network technologies, essential for efficient log source onboarding.
• Proven technical capabilities in a complex, fast-paced SOC environment.
• Ability to diagnose and troubleshoot log source issues related to cloud and network infrastructures.
• Strong understanding of SOC operations, cybersecurity principles, and best practices.
• Excellent problem-solving skills and the ability to make decisions under pressure.
• Ability to collaborate effectively with a variety of team members, including interfacing with customers to resolve issues.

Qualifications

• Experience with platforms like Forti SOAR, Splunk SOAR, Cortex XSOAR etc.
• Vendor Certifications and training for SOAR tools.
• Python scripting skills.
• Cloud-related certifications like AWS Certified Solutions Architect, Google Professional Cloud Architect, or Microsoft Certified: Azure Solutions Architect Expert.
• Certified Information Systems Security Professional (CISSP), GIAC is preferred.
• Automation and Orchestration of cyber incident with accuracy and consistency.
• A minimum of 5 years of experience in SOC operations, with significant experience in SOAR management.
• Prior experience in a technical role within a SOC or similar cybersecurity environment.
• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.

Job Details

About The Company

Report