Senior Technology Specialist

Cyber Managed Service -Threat Detection & Response - Security Orchestration, Automation and Response (Sentinel SOAR) - Senior

KEY Capabilities:

• Excellent teamwork skills, passion and drive to succeed and combat Cyber threats
• Working with the customer to identify security automation strategies and provide creative integrations and playbooks.
• Work collaboratively with other team members to find creative and practical solutions to customers’ challenges and needs.
• Responsible for execution and maintenance of Sentinel SOAR related analytical processes and tasks
• Management and administration of Sentinel SOAR platform
• Developing custom scripts and playbooks to automate repetitive tasks and response actions.
• Experienced developer with at least 2 + yrs of experience using Python programming language, REST API and JSON. Must have basic SQL knowledge.
• Knowledge on Incident Response and Threat Intelligence tools.
• Creation of reusable and efficient Python-based Playbooks.
• Use Splunk SOAR platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration
• Partner with security operations teams, threat intelligence groups and incident responders.
• Should have worked in a security operations center and gained understanding of SIEM solutions like Splunk, Microsoft Sentinel and other log management platforms. Having experience in Splunk content development will be an added advantage
• Willing to learn new technologies and take up new challenges.  Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers.
• Good grasp in conceptualizing and/or implementing automation for business process workflows
• Knowledge in Network monitoring technology platforms such as Fidelis XPS or others
• Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others
• Should be able to assist, support and mitigate production issues.
• Should have the capability to work with partners and client stack holders to full fill their asks
• Ability to Coordinate with Vendor to incident closure on according to the severity
• Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement.

Qualification & experience:

• Minimum of 3+ years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating Sentinel SOAR solution in global enterprise environments.
• Experience working in ServiceNow SOAR is also an added advantage
• Strong oral, written and listening skills are an essential component to effective consulting.
• Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary.
• Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc.
• Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field
• Minimum 2 years of working in SOAR (Sentinel)
• Experience in Process Development, Process Improvement, Process Architecture, and Training
• Quick to apprehend and adapt new applications.
• Knowledgeable in Cybersecurity and Incident Response Management
• Certification in any one of the SIEM Solution such as Splunk or SC-200 will be an added advantage
• Certifications in a core security related discipline will be an added advantage.