SOAR Platform Management Senior Advisor

Secureworks® (NASDAQ: SCWX) a global cybersecurity leader, enables our customers and partners to outpace and outmaneuver adversaries with more precision, so they can rapidly adapt and respond to market forces to meet their business needs. With a unique combination of cloud-native, SaaS security platform and intelligence-driven security solutions, informed by 20+ years of threat intelligence and research, no other security platform is grounded and informed with this much real-world experience.

We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team. 

Key Responsibilities 

The SOAR Platform Management Senior Advisor will be expected to leverage Resilient platform in order to create orchestration / automation flows based on D&B playbooks or Lx input.

• Develop, test, deploy and document integration code for data and process flow between Splunk – Resilient - other applications related to incident and task management, data query, data enrichment and reporting

• Gather and triage Infosec input with respect to finetuning or enhancements of existing orchestration flows

• Customize and maintain Resilient API integration with other systems

• Work with Splunk platform Management team and Infosec team in order to orchestrate and automate new incident response flows (mainly specific to L1 function for data gathering and enrichment)

• Execute e2e product lifecycle management including but not limited to, product patches, product upgrades, performance management

• Qualify, prioritize, and resolve technical problems related to Resilient platform and also existing automation and orchestration flows within the tool

• Monitor relevant work request queue as needed from time to time

  `
Essential Requirements

• Fundamental understanding of defense strategies and techniques

• Detailed knowledge of security technologies and trends

• Knowledge of threat techniques and typical measures to detect malicious activity

• Knowledge of investigation tools to identify malicious behavior

• Able to aggregate information from all available data sources, security tools, and threat trends to identify attacks against the client environment 

• Knowledge of the investigation flows and ability to automate them in alignment with MITRE framework

• Working knowledge/experience of network systems security principles and applications 

• Scripting abilities

• Linux administration

• 3+ years of experience in cyber security or SIEM / SOAR platform management

• University education, degree in Computer Science, Information Systems, or Network and Security

Desirable Requirements

• Experience working as a Dev-Ops Engineer

• A good understanding of Industry Security standards and frameworks (.:, NIST Cyber Security Framework, Mitre etc.)

• Experience with ticketing and workflow applications

• Hands on experience of Linux Administration & Configuration

• Comptia Security+ or CCNA Security or CCNP Security or GCIH or CISSP

• Splunk Power User or any other SIEM or SOAR platform 

Here are more reasons to join our team!

Look at what we offer and feel free to reach out to us for more details!

• Development programs and cybersecurity training/ certifications – because we grow together  

• Internal Career Progression Plan for top performers - we encourage you to follow internal opportunities

• Regular workshops – we are the largest community of cybersecurity experts and we enjoy sharing our best practices during our Communities of Practice and to our trainees

• Work from home policy – your time matters

• Medical and Dental subscription – flexible package and you can include your family members  

• Life Insurance  

• Annual Performance Bonus

• Meal tickets

Why work with us?

Secureworks, a Dell Technologies company, is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, colour, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics.