Job Description
- Role: SIEM/SOAR Python Engineer
- Contract/contract to hire and Contract Length: 18 months
- Locations: Denver, CO or Chicago, IL, Addison, TX OR Charlotte, NC (3x a week onsite)
Requirements
Looking for someone that can help contribute to the cloud implementation so that they don't code themselves into a corner. Looking for someone that has implemented a SOAR solution. Looking for both SOAR and SIEM experience. Would ideally like someone that has functioned as a SOAR Engineer or SOAR Administrator and who can run the servers and sets them up via XSOAR, Swimlane, cloud admin component wise. Couldn't speak to customizations to his playbooks- didn't know coding practices. Lacked Python – this is important because they in this role will have to do custom code dev work there- knowing out of the box soar is good but needs custom dev and he lacked this. Want true Agile experience and NOT Kanban. Does not want a candidate that is long winded in their responses. Looking for someone with a good personality (team player) that can gel easily with the team.
Interview Availability
*I have 2 interview times available on Friday!!!*
Candidates Qualifications
- Candidates MUST have DEVELOPMENT experience with SOAR, Splunk, and Python. SOAR is a security automation tool for Splunk.
- 2 roles open
SIEM/SOAR Python Engineer Responsibilities
- Work with stakeholders directly to build, design, deliver, re-write, and maintain efficient, reusable, and reliable security automations using Splunk SOAR. This role is highly detail oriented and will require hands-on knowledge of programming languages, APIs, and integrations.
Key Responsibilities:
- Review API documentation and connect third-party services to the SOAR platform.
- This role will be responsible for the whole lifecycle of an automation playbook, from requirements gathering and -planning to design, testing, implementation, and maintenance.
- Create detailed technical documentation regarding to your orchestration.
- Collaborate with other internal teams as part of setting up SOAR integrations.
- Follow all change management processes and requirements as part of setting up SOAR integrations.
Skills Requirements
- 2+ years of hands-on experience in Splunk SOAR, including writing playbooks and troubleshooting.
- 2+ years of hands-on experience using Splunk for both searching/data analysis and for passing data to SOAR.
- Strong programming skills in Python.
- Proficiency with Git.
- Experience working with REST and other third-party API integrations.
- Strong understanding of IT security concepts and practices.
- Familiarity with enterprise change management.
- Strong deductive reasoning and critical thinking skills.
- Strong organization skills.
- Experience with Scrum or other agile development methodologies.