SOAR Engineer
Security
SOAR Engineer
Łódź
Type of work
Full-time
Experience
Mid
Employment Type
Permanent
Operating mode
Remote
Fujitsu
At Fujitsu, we believe in the power of diversity. Our values of empathy, trust, and aspiration drive everything we do. So if you want to work with teams who empower each other, come and #MoveForward with us.
Tech stack
C#
SOAR
Python
Gitlab/Github
RESTful APIs
Job description
Online interview
Location: Offices are in Lodz & Katowice, but work can be done 99% remotely
As SOAR Engineer, you will be responsible for:
- Developing threat detection content.
- Engineer automation workflows to enrich events prior to analyst response.
- Engineer automation workflows to automate common analyst response actions.
- Responsing and solve issues negatively impacting the workflow of the SOAR.
- Collaborating with CSOC analysts on tuning or developing new automation.
- Working with leadership on work prioritization and backlog refinement.
- Identifying requirements for partner and provider APIs for better interconnectivity.
- Presenting technical information in non-technical terms to peers and management.
- Analyzing, debugging, reporting issues and enhancements.
- Define, prioritize, and drive standardized incident response activities.
- Improving efficiency of Security Operations by automatization.
- Creating automated playbooks.
- Reducing MTTD and MTTR by orchestration and automatization of security alerts.
- Building complex platform powered by cyber fusion technology for information sharing improvement.
- Searching for improvements to build better efficiency and hassle-free environment.
Requirements:
- 2+ years hands-on experience with SOAR
- Hands-on experience working with RESTful APIs for service integration.
- Experience using GitLab or Github as part of the CI/CD process.
- Experience working with analytics engines like Apache Spark.
- Proficiency on working with Python, C# and/or PowerShell.
- Experience in architecting, managing deployment, and operationalization of SOAR in client environments
- Experience in working with various technical departments to enhance orchestration and automatization threat detections of deployed SIEM solutions
- Solid technical knowledge of Linux and Windows
- Excellent root cause analysis skills
- Hands-on experience working with WebMethods
Additionally, a great asset will be:
- Previous experience with Splunk, Elasticsearch, QRadar, or other SIEM tools
- Security-related certificates, such as CompTIA Security +, CySA+, etc.
- Vendor certificates such as AZ-104, SC-200, AZ-500, MS-500, AWS Practitioner, etc.
- Other certificates which prove knowledge in the field of security and technology administration
- Red Hat Certified Administrator
What do we offer:
- You will work in a collaborative, close-knit team
- You will be able to learn a lot and develop your knowledge in IT Security
- You will have the possibility to participate in various vendor events organized only for business partners
- You will have access to an online learning platform with all the latest tech training
- You will be encouraged to work smart and work in your own way
- You will be a part of a leading global technology business
- You will be trusted to deliver your work
- You will get an extensive benefits package supporting your work-life balance, health, and comfort to work from home
- You will be able to work with top technology providers in the industries
- You will be first on the frontline to prevent any breaches to happen
Check similar offers
Check similar offers