Position: Sr. Automation Engineer/SOAR
Job Description:
What You’ll Be Doing
Develop and implement SOC and IR systems integrations through automation and orchestration, including APIs, PowerShell, and Python.
Develop and implement new SOC and IR playbooks, from threat hunts to tuning to alert maturity, through automation and orchestration.
Work with Security Operations L1-L3 on detection and response processes and playbooks.
Perform threat hunting across networks, endpoints, various operating systems, various logs, and identities.
Work with threat intelligence feeds and enrichment lookups through automation and orchestration.
Perform incident response on investigations, applied in the context of a broader understanding of the CSIRT and its related systems and processes.
Develop security focused content for SIEM, including creation of complex threat detection logic and operational dashboards.
Encourage improvement and innovation within incident response, and nurture and develop less-experienced staff through coaching and written and verbal feedback.
Define solutions for exceptions that occur during forensic work.
Prepare and review reports that promote constant security enhancements.
Apply and execute standard information systems theories, concepts and techniques and assist in the development of standards and procedures.
Transition, maintain, or use security technologies such as Security Information and Event Management (SIEM), endpoint protection, Data Loss Prevention, and forensic tools.
Troubleshoot SIEM data collection, notification tuning and alerting.
What We Are Looking For
BA/BS degree preferred.
Minimum 2 years of SOAR experience with platforms such as Splunk Phantom, Palo Alto XSOAR/Demisto, Siemplify, Swimlane, ServiceNow, etc.
Minimum 4 years of information security experience.
Minimum 3 years of SOC and/or IR experience.
Python experience.
RESTful API experience.
PowerShell experience.
Scripting and development skills (i.e., Bash, Perl, Python, or Java), with strong knowledge of regular expressions.
Deep proficiency in client and server operating systems, including Windows, Mac, and Linux.
Solid background in network and systems administration as they relate to security best practices.
Comprehension of top security threats (OWASP Top 10, SANS Top 25, NVD, etc.) and their remediation techniques.
Operational experience with the following preferred: firewalls, vulnerability scanners, intrusion detection/prevention systems, endpoint protection systems, SIEM and log management systems.
Ability to meet deadlines and Service Level Agreements (SLAs) while performing activities in a time-critical, highly confidential process.
High level of discretion in dealing with sensitive and confidential information.
Strong analytical and verbal skills.
What’s In It For You
At Arrow, we recognize that financial rewards and great benefits are important aspects of an ideal job.
That’s why we offer competitive financial compensation, including various compensation plans, and a solid benefits package.
Medical, Dental, Vision Insurance
401k, With Matching Contributions
Generous Paid Time Off
Health Savings Account (HSA)/Health Reimbursement Account (HRA) Options
Growth Opportunities
Short-Term/Long-Term Disability Insurance
And more
Annual Hiring Range/Hourly Rate: $121,500.00 to $148,500.00
Actual compensation offered to a candidate may vary from the posted hiring range based upon geographic location, work experience, education, and/or skill level.
The pay ratio between base pay and target incentive (if applicable) will be finalized at offer.
Location: US-CO-Denver, Colorado (Panorama Arrow Building)
Time Type: Full time
Job Category: Information Technology
EEO Statement: Arrow is an equal opportunity employer.
All applicants will be considered for employment without attention to race, color, religion, gender, age, sexual orientation, gender identity, national origin, veteran or disability status.
(Arrow EEO/AAP policy)