
Senior Security Automation (SOAR) Engineer

Employer: Hays.
Location: United Kingdom, London
Salary: Competitive
Closing date: 20 Jan 2022


Senior Cyber Automation Engineer

LSEG Security Operations is a central function employing people, process and technology to continuously monitor and respond to cyber security incidents. Security Operations spans multiple domains including cyber threat intelligence, cyber threat detection, data loss prevention and cyber incident response.

This role is responsible for the design and implementation of the Security Operations Security Orchestration, Automation, and Response (SOAR) system.

Responsibilities
• Facilitate business enablement activities, including incident response, workflow & best practices for the SOAR program rollout.
• Ensure key project milestones are achieved.
• Technical troubleshooting and root-cause analysis of SOAR solutions currently installed within the LSEG infrastructure.
• Demonstrate technical skills in managing normal operations and maintenance of the SOAR platform.
• Assist with on-going architecture updates for diagrams, configuration guide(s), and supporting documentation for the SOAR program when necessary.
• Report on the progress of tasks and provide direct feedback to the vendor's development team to improve the capabilities of the system.
• Present and promote SOAR technologies to different pillars in Cyber Security.
• Stay up to date with current vulnerabilities, attacks, and countermeasures.

Experience
• Automating and refining incident response procedures/playbooks to maximise SOC efficiencies.
• Ability to automate or orchestrate using scripting tools such as Bash, Python and PowerShell.
• Good understanding of REST APIs, webhooks and integrations.
• Working experience with various network and security tools, including cloud security (XDR/EDR, email security, SD-WAN, IDS/IPS, WAF, utilities).
• Knowledge of cyber adversary tools, techniques and procedures, and a threat-centred approach to design and implementation.
• Strong understanding of Security Operations Centre practices, processes and procedures.
• Awareness of computer forensics and reverse malware engineering concepts.
• Understanding of event correlation from SIEM solutions (structured or unstructured data).
• Familiarity with industry frameworks such as NIST, the Cyber Kill Chain and MITRE ATT&CK.
• Incident response processes and procedures, including common frameworks (e.g. NIST, SANS).
• Knowledge of cloud technologies such as AWS and Azure.
• Knowledge of general network, platform, enterprise, cloud and security technologies.
