Enable job alerts via email!
SOAR Expert
NATIONMIND LLC
Charlotte (NC)
Remote
USD 90,000 - 120,000
Full time
Today
Be an early applicant
Job summary
A cybersecurity firm is seeking a Remote SOAR Expert to operate on Splunk and Palo Alto XSOAR. The ideal candidate will have experience customizing SOAR tools and developing with Python. Responsibilities include integrating SOC systems and onboarding data sources. Strong web development skills and communication abilities are highly valued. This role offers flexibility and the opportunity to work in an impactful cyber security area.
Qualifications
- Experience in customization on any SOAR tool, preferably Palo Alto XSOAR.
- Development experience with Python and web frameworks (Django, Flask).
- Experience with log management and/or SIEM technologies such as Splunk.
Responsibilities
- Operational role on Splunk & XSOAR.
- Work closely on Palo Alto XSOAR platform to customize it.
- Integrate existing SOC systems through development of well-defined APIs.
Skills
Customization on SOAR tools
Development experience with Python
Log management with SIEM technologies
Web development frontend skills
Communication skills
Knowledge of incident response
Tools
Splunk
Palo Alto XSOAR
Django
Flask
SQL databases
Linux
git
nginx
Job description
Overview
SOAR Expert — Remote
Responsibilities
- Operational role on Splunk & XSOAR (our Soar platform).
- Should have significant experience with Python.
- Will work closely on Palo Alto XSOAR platform to customize it as needed.
- Will closely integrate existing Security Operation Center (SOC) systems through development and reuse of well-defined APIs.
- Working with stakeholders for onboarding new data sources on Splunk (or any other SIEM tool) and perform periodic maintenance activities.
- Deploy and evaluate external proof-of-concept tools.
- Help with automation of various SOC related manual tasks.
Must Have
- Experience in customization on any SOAR (Security Orchestration, Automation and Response) tool preferably Palo Alto XSOAR
- Development experience with Python and web frameworks (Django, Flask)
- Experience with log management and/or SIEM technologies such as Splunk
Value
- Web development frontend skills: JavaScript, jQuery, HTML/CSS
- Experience in creating and reusing Restful APIs to improve integration between existing and new security systems
- SQL database or any other DBs
- Good communication skills
- Highly motivated individual with the ability to self-start, prioritize, and multi-task
- Interest in cyber security, willingness to follow security best practices
- Ability to understand code written in other scripting languages
- Knowledge of incident response (SecOps)
- Eagerness to look for and evaluate available open-source incident response/threat intelligence tools
- Strong focus on writing high quality technical documentation
- Good knowledge of Linux, git, nginx.
This is a remote position.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Land a better
job faster
job faster
Follow us
