
Sr SOAR SME with Python and Linux experience to help automate and support our client's SOAR tool (Demisto/Palo Alto).

Job Type: Contract
Positions to fill: 1
Start Date: Jul 25, 2022
Job End Date: Jul 25, 2023
Pay Rate: Hourly: Negotiable
Job ID: 121613
Location: Toronto
Our client is the largest retailer in Canada. They are looking for a Sr SOAR SME with Python and Linux experience to help automate and support our client's SOAR tool (Demisto/Palo Alto).

3 days a week onsite in Mississauga. 
 
Project: Our client is looking to boost their security automation capabilities with XSOAR (Demisto/Palo Alto). Create playbooks that can be automated within the tool. Threat hunting and investigation work is largely manual currently.
 
Note: XSOAR is operational in the environment but the tool is not operationalized well and is underutilized.
 
Responsibilities:
  • Review and prioritize backlog requirements from the security team on what integrations need to be completed with SOAR (Demisto/Palo Alto)
  • Review requirements and meet with stakeholders to gather information in order to build the SOAR playbook and complete the integration work.
  • Once integrations are completed, support / troubleshoot any issues that need to be fine-tuned (i.e., a playbook is no longer working).
  • Patch the Linux server and perform maintenance when required
  • Engage vendors to remediate any issues (vendor is Palo Alto)
  • Conduct health analysis with the vendor and act on the tuning suggestions provided by the vendor (Palo Alto).
Must Haves:
  • SOAR - supporting, automating and playbook creation
  • XSOAR (Demisto/Palo Alto) or other similar SOAR tools (Splunk, Swimlane, etc.).
  • Python scripting
  • Linux maintenance and server patching along with troubleshooting
  • Understanding of endpoints, EDR, DLP, NAC, etc.