
SOAR – Splunk SOAR (ZISPL Job No 675)

For IT Service Consulting Company
5 - 10 Years
Full Time
Up to 30 Days
Up to 25 LPA
1 Position(s)
Bangalore / Bengaluru
Posted 20 Days Ago

Job Skills

Job Description

Experience in SIEM/SOAR implementation and administration

Experience in playbook creation

Demonstrated proficiency in the daily monitoring of Information Security events, ensuring prompt detection and response to potential threats

Proficient in performing 24x7 monitoring of security logs, conducting detailed analysis and escalating detected events based on agreed runbooks and SLAs

Knowledgeable in malware analysis techniques, aiding in the identification and mitigation of malicious software

Experience in SIEM/SOC operations for very large enterprises, ensuring security posture and compliance

Proficiency in reviewing security monitoring tool policies using a logical and security-focused approach, aligning them with the latest security concepts to enhance the overall security posture of the organization

Possess expertise in threat modeling and the development of use cases, enabling the creation of effective strategies for identifying and mitigating security threats

Proficient in working with SOAR tools, particularly XSOAR

Skilled in playbook development and integrating third-party solutions with SOAR

Experienced in security automation using scripting languages like Python and Shell

Hands-on experience in managing and maintaining the existing SOAR solution, ensuring its optimal performance and functionality

Successfully onboarded new customers to the platform, ensuring a smooth transition and adoption of the platform. Managed the entire customer onboarding process, starting from host building, firewall requests and tenant onboarding

Integrated third-party solutions with the SOAR platform, including SIEM, email and ITSM

Troubleshot errors related to playbook execution and third-party integrations, ensuring smooth operation of the SOAR system

Assisted in SOAR platform upgrades, including testing, deployment and configuration, to maintain up-to-date and secure infrastructure

Gathered playbook development requirements from customers or suggested new playbook development requirements to enhance the SOAR system's capabilities