Job Description:

Role: Demisto Developer / SOAR (Security Orchestration, Automation and Response) Lead (DPM)

Location: Philadelphia, PA

JD:

Must have Demisto & SOAR expertise for:

·       Implementation
·       Integration with different solutions (SIEM, ticketing system, security devices)
·       Deploy & enable playbooks/runbooks
·       Develop architecture diagrams & documentation
·       Knowledge of different security controls and mechanisms
·       Programming/scripting in Python, Java, Ruby, etc.
·       Experience developing integration solutions with web service APIs using REST/JSON.
·       Work directly with the Security Information and Event Management (SIEM) team and other security product owners to architect an end-to-end automation solution, such as:
                     Enrich SIEM events with data from systems like LDAP, VirusTotal and others
                     Manage and write smart responses/post-processors for SIEM alarms
                     Contextualize alarms by looking at various data points and ascertain threats and alerts appropriately
·       Work with Incident Response teams to develop correlation rules and corresponding incident response workflows/playbooks
·       Experience with networking, network protocols & security infrastructures
·       Strong application and infrastructure knowledge; e.g. Tomcat, PostgreSQL, SAML, IMAP, LDAP, Active Directory, SSO.
·       Development environment knowledge in Linux, bash shell programming, git, gradle, virtual machines and Docker.
·       Working knowledge of networking concepts (firewalls, DNS, IP addressing, SSL/TLS and certificates)
·       Excellent written and verbal communication skills, ability to effectively coordinate multiple priorities in a dynamic environment, strong analytical and negotiating skills, and excellent organizational and interpersonal skills required

-          10+ years of security operations experience, especially working in a SOC
-          3+ years of experience in operating and creating playbooks for a Security Orchestration Platform