The point where experts and best companies meet
Share
Threat Detection & Response Consulting - Security Orchestration, Automation and Response (SOAR) - Senior
Excellent teamwork skills, passion and drive to succeed and combat Cyber threats
Expertise in design and implementation of SOAR solution such as Splunk-Phantom , Paloalto-Demisto XSOAR or Resilient
Responsible for execution and maintenance of SOAR related analytical processes and tasks
Manage and administration of SOAR platforms
Hands-on experience with Incident Response and Threat Intelligence tools.
Creation of reusable and efficient Python-based Playbooks.
Use Phantom platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration Should have worked in a security operations center and gained understanding of SIEM and other log management platforms. Having experience in Splunk content development will be an added advantage
Should have solid experience in the design/build, test, implementation, and maintenance of integration with other security tools and platforms
Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers.
Knowledge in Network monitoring technology platforms such as Fidelis XPS or others
Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others
Qualification & experience:
Minimum of 6 years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating a complicated SOAR solution in global enterprise environments.
Strong oral, written and listening skills are an essential component to effective consulting.
Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary.
Must have knowledge of Vulnerability Management, basic Windows setup, Windows Domains, trusts, GPOs, server roles, Windows security policies, basic Linux setup, user administration, Linux security and troubleshooting.
Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc.
Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field
Minimum 3 years of working in SOAR
Certification in any one of the SIEM Solution such as IBM QRadar, Exabeam, Securonix and Splunk will be an added advantage
Certifications in a core security related discipline will be an added advantage.
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
These jobs might be a good fit