Senior SOAR Playbook Developer - Remote @ Center for Internet Security | Jobright.ai
JOBSarrow
RecommendedLiked
0
Applied
0
External
0
Senior SOAR Playbook Developer - Remote jobs in United States
Be an early applicantLess than 25 applicants
company-logo

Center for Internet Security · 15 hours ago

Senior SOAR Playbook Developer - Remote

ftfMaximize your interview chances
AssociationCyber Security
badNo H1BnoteU.S. Citizen Onlynote

Insider Connection @Center for Internet Security

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Design, build, test, deploy, maintain, and document new SOAR playbooks to extend the existing security capabilities of the MS- and EI-ISAC
Develop creative new approaches to accelerate threat detection, responses, and proactive defenses. Orchestrate information between Security Operations Center (SOC), Cyber Threat Intelligence (CTI), and Cyber Incident Response Team (CIRT) analysts, improving the relevance and actionability of products
Lead playbook development and deployment with multi-functional team members. Collaborate with and provide feedback to the analysts, engineers, and product managers as you operationalize innovative security automation and orchestration into security operations.
Make recommendations to leadership on capabilities, direction, investments, and divestments of technologies, products, and services
Actively research emerging security practices and workflows and operationalize findings to better enhance our offerings
Develop and manage the playbook development lifecycle, including change control process and quality assurance standards for automation and orchestration, to ensure changes are tested, rollback plans created, and that playbooks do not negatively impact integrated business systems or operations
Assist internal support teams with troubleshooting highly technical issues that cannot be resolved by lower-tiered support levels
Provide briefings and training to SLTT members, MS-ISAC and EI-ISAC executive committees, and internal stakeholders on cyber defensive technologies. This position will closely align with the Sales, Marketing, and Communications teams to assist with pre- and post-sales support and provide input to develop materials for members
Other tasks and responsibilities as assigned

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

SOAR developmentCybersecurityNetwork operationsPythonSQLAPI technologiesThreat huntingCyber defense technologiesPlaybook lifecycle managementSecurity EventIncident Management (SIEM)Threat Intelligence Platforms (TIPs)MITRE ATT&CK frameworkClient-facing communicationAgile DevOpsVendor managementData ScienceData Engineering

Required

Bachelor’s degree in Information Technology, Cybersecurity, or a related field
4+ years’ experience in network and security operations. Minimum 2 years’ experience in SOC analysis and threat hunting
3+ years’ experience in SOAR and information automation
1+ years’ experience building/integrating security operations processes in large environments
Operational experience in Application Programming Interface (API) technologies and integrating security tools such as firewalls, intrusion detection and prevention systems, endpoint security tools, and other data sources into automated workflows
Proficient in Python development
Proficient with SQL
Significant experience with orchestrating processes, developing custom integrations, and designing advanced decision-making logic
Experience with designing and implementing automation and orchestration best practices, including playbook lifecycle management and development of key performance indicators (KPIs)
Experience with cyber defense technologies, asset management technologies, Security Event and Incident Management (SIEM) platforms, Threat Intelligence Platforms (TIPs), information and enrichment services, and the MITRE ATT&CK framework
Solid client-facing and internal communication skills
Excellent organizational skills, including attention to detail and multi-tasking skills
The position is open to U.S. citizens and requires a favorably adjudicated DHS Fitness Review for Public Trust Positions

Preferred

Master’s degree in Computer Science, Business, or related field
Strong presentation capabilities
Experience with Cyware Orchestrate and/or Devo SOAR (e.g. LogicHub) SaaS platforms
Relevant industry certifications in Python, SQL, Data Science, Data Engineering, and/or SOC Automation
Experience in vendor management and relationships
Familiarity with Agile DevOps and project management
Additional years of relevant experience or a combination of an Associate’s degree or equivalent and relevant experience may be substituted for the Bachelor’s degree.

Benefits

Health (PPO, EPO, HSA), Dental & Vision Insurance eligibility starting from the first day of hire
$500 wellness card for Health Coverage Participants
401(k) with 4% Company Match, vested from the first day of hire
Flexible Spending Account (FSA) & Dependent Care Account (DCA)
Life Insurance
Bonding Leave
Paid Volunteering Program
Bonus eligibility
Paid Time Off (PTO) inclusive of vacation, personal and sick time
Paid Holidays
Wellness Program
Employee Engagement Activities
Professional Development Opportunities
Tuition Reimbursement
Student Loan PayDown Program
Employee Referral program
Employee Assistance Program

Company

Center for Internet Security

twittertwittertwitter
company-logo
The Center for Internet Security is focused on enhancing the cybersecurity readiness and response of public and private sector entities.

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Kathleen Moriarty
Chief Technology Officer
linkedin
leader-logo
Josh Moulin
Senior Vice President of Operations & Security Services
linkedin
Company data provided by crunchbase
logo

Orion

Your AI Copilot