Sr SOAR SME with, python, and linux experience to help automate and support our clients SOAR tool (Demisto/Palo Alto).

Our client  is the largest retailer in Canada. They are looking for a Sr SOAR SME with , python, and linux experience to help automate and support our clients SOAR tool (Demisto/Palo Alto).

3 days a week onsite in Mississauga. 
 
Project: Our client is looking to boost their Security automation capabilities with XSOAR (Demisto/Palo Alto). Create playbooks that can be automated within the tool. Threat hunting  and and investigation work is largely manual currently.
 
Note: XSOAR is operational in the environment but the tool is not operationalized well and is under utilized.
 
Responsibilities:

• Review and prioritize backlog requirements from security team on what integrations need to be completed with SOAR (Demisto/Palo Alto)
• Review requirements and meet with stakeholders to gather information in order to build the SOAR play book and complete the integration work.
• Once integrations are completed support / troubleshoot any issues that need the be fine tuned (ie, playbook is no longer working).
• Patch Linux server and maintenance when required
• Engage vendors to remediate any issues (vendor is Palo Alto)
• Conduct Health analysis with the vendor and act on the tuning suggestions provided by the vendor (Palo Alto).

Must Haves:

• SOAR - supporting, automating and playbook creation
• XSOAR (Demisto/Palo Alto) or other similar SOAR tools (Splunk or Swimlane etc).
• Python scripting
• Linux maintenance and server patching along with troubleshooting
• Understanding of end points, EDR, DLP, NAC etc