Sr SOAR SME with Python and Linux experience to help automate and support our client's SOAR tool (Demisto/Palo Alto).
Job Type: Contract
Positions to fill: 1
Start Date: Jul 25, 2022
Job End Date: Jul 25, 2023
Pay Rate: Hourly: Negotiable
Job ID: 121613
Location: Toronto
Our client is the largest retailer in Canada. They are looking for a Sr SOAR SME with Python and Linux experience to help automate and support our client's SOAR tool (Demisto/Palo Alto).
3 days a week onsite in Mississauga.
Project: Our client is looking to boost their security automation capabilities with XSOAR (Demisto/Palo Alto) by creating playbooks that can be automated within the tool. Threat hunting and investigation work is currently largely manual.
Note: XSOAR is operational in the environment, but the tool is not well operationalized and is underutilized.
Responsibilities:
- Review and prioritize the security team's backlog of requirements for which integrations need to be completed with SOAR (Demisto/Palo Alto)
- Review requirements and meet with stakeholders to gather the information needed to build the SOAR playbook and complete the integration work.
- Once integrations are completed, support and troubleshoot any issues that need to be fine-tuned (e.g., a playbook is no longer working).
- Patch and maintain the Linux server when required
- Engage the vendor (Palo Alto) to remediate any issues
- Conduct health analysis with the vendor (Palo Alto) and act on the tuning suggestions they provide.
- SOAR: supporting, automating and playbook creation
- XSOAR (Demisto/Palo Alto) or other similar SOAR tools (Splunk SOAR, Swimlane, etc.)
- Python scripting
- Linux maintenance and server patching, along with troubleshooting
- Understanding of endpoints, EDR, DLP, NAC, etc.