SIEM / SOAR Automation Engineer
Security
Codilime
Gdańsk
Type of work: Full-time
Experience: Mid
Employment type: B2B
Operating mode: Remote

Tech stack

  • SOAR (advanced)
  • SIEM (advanced)
  • SOC processes (advanced)
  • IT Security (advanced)
  • Communication Skills (advanced)
  • Python (regular)
  • API (regular)
  • XSIAM (regular)
  • Version control system (regular)

Job description

Online interview

Get to know us better

CodiLime is a software and network engineering industry expert and the first-choice service partner for top global networking hardware providers, software providers and telecoms. We create proofs-of-concept, help our clients build new products, nurture existing ones and provide services in production environments. Our clients include both tech startups and big players in various industries and geographic locations (US, Japan, Israel, Europe).

While we are no longer a startup (we have 300+ people on board and have been operating since 2011), we have kept our people-oriented culture. Our values are simple:

  • Act to deliver.
  • Disrupt to grow.
  • Team up to win.


The project and the team

We are looking for an open-minded person who is passionate about new technologies, thinks logically and takes a creative approach to solving problems. If you are eager to learn, if you like to design, deploy and troubleshoot network solutions, and if you want to automate repetitive work, we would like to offer you a great opportunity to grow with CodiLime. You will have the chance to join a team of specialists who know that every problem can be solved. We have already completed numerous projects in the fields of networking, cloud and infrastructure automation and monitoring.

We are a team of DevOps, Network Engineers and Security Engineers with network automation experience who explore the world of SDN, NFV and work with top-notch cybersecurity solutions.

What else you should know:

  • Our engineers support projects from the automation development phase, through solution deployment and integration, to troubleshooting a working service
  • We collaborate closely with analysts, architects and developer teams
  • Our tech stack for the project includes various cybersecurity solutions, especially NGFW, SASE, and SIEM

We work on many interesting projects at the same time, so we may invite you for an interview for another project if we consider your competences and profile suitable.


Your role

As a part of the project team, you will be responsible for:

  • Automating SOC processes to improve the efficiency and accuracy of alert handling
  • Cooperating closely with the technical lead to ensure that the playbooks you create meet customer requirements and follow best practices
  • Sharing your knowledge and expertise during the design phase, ensuring the created playbooks are as concise and effective as possible
  • Cooperating with the technical lead to create a clear automation process for the customer’s SOC
  • Sharing expertise on automation best practices and playbook design
  • Assisting customers in connecting their security tooling to Cortex XSIAM
  • Using the Cortex Marketplace
  • Creating playbooks that reflect design intent and customer requirements
  • Where required, demonstrating playbooks and explaining the various tasks
  • Explaining and demonstrating the value of integrations, offering support and setup guidance
  • Cooperating with internal and external teams to ensure product adoption
  • Creating technical documentation detailing the SIEM aspects of the engagement


Do we have a match?

As a SIEM / SOAR Automation Engineer you must meet the following criteria:

  • 4+ years of deploying and integrating SOAR or SIEM at the enterprise and large-enterprise level
  • Ability to define, create and automate the SOC process through the use of playbooks
  • Knowledge of a scripting language (e.g. Python, Bash) to develop advanced custom integrations and automations for use in playbooks
  • Strong understanding of security concepts, frameworks and compliance standards, with the ability to provide strategic guidance and recommendations
  • Advanced knowledge of APIs and the ability to integrate SOAR or SIEM with a variety of security tools and infrastructure components
  • Knowledge of incident response processes, including triage, investigation and remediation
  • Strong communication (written and verbal) and presentation skills, both internally and externally
  • Fluent English is required; knowledge of any other language will be an additional advantage
  • Relevant bachelor's degree or industry-recognized qualifications
  • Ability to read, understand and create technical design documentation
  • Willingness to work flexible hours (including maintenance windows in different time zones)

Beyond the criteria above, we would appreciate the following nice-to-haves:

  • Knowledge of Palo Alto Networks solutions, especially Cortex XSIAM, XSOAR, XDM, Splunk
  • Experience with version control systems
  • Experience with automation tools


More reasons to join us

  • Flexible working hours and approach to work: fully remotely, in the office or hybrid
  • Professional growth supported by internal training sessions and a training budget
  • Solid onboarding with a hands-on approach to give you an easy start
  • A great atmosphere among professionals who are passionate about their work
  • The ability to change the project you work on