What you'll doPosition Overview:We are seeking a skilled and motivated SOAR (Security Orchestration, Automation, and Response) Engineer with expertise preferably in Software Engineering and platform management to join our cybersecurity teamKey Responsibilities:Infrastructure Deployment:Utilize Terraform for infrastructure as code (IaC) to deploy and manage the infrastructure.Deploy and manage security infrastructure on Google Cloud Platform (GCP).Ensure scalable and resilient architecture for security operations.Integration with Other Capabilities:Lead on requirements gathering exercises, synthesising this input into actionable deliverablesDesign, develop and document potentially complex integrations with other Cyber toolingCreate efficient and effective software in line with best practiceProvide clear instructions and handover to the wider team and end users to ensure effective utilisationSystem Maintenance and Support:Integrate SOAR tools with other security technologies and systems (SIEM, threat intelligence platforms, etc.
).Collaborate with the SOC team to automate incident detection, analysis, and response processes.Perform regular health checks and maintenance of the SOAR platform to ensure optimal performance.Troubleshoot and resolve issues related to the SOAR system and integrations.Documentation and Reporting:Maintain comprehensive documentation of SOAR configurations, workflows, and incident response procedures.Generate reports on SOAR performance, incident response metrics, and security operations improvements.Conduct post-incident reviews to identify areas for improvement and update playbooks and processes accordingly.Testing and DevOps:Develop and implement automated testing frameworks for SOAR workflows and integrations.Collaborate with DevOps teams to integrate SOAR solutions into CI/CD pipelines.Use tools like GitLab CI, Ansible or similar for continuous integration and deployment.Ensure rigorous testing of SOAR playbooks and scripts to maintain high reliability and performance.Monitor and improve the deployment and operational processes of SOAR solutions.Who you areTechnical Skills:Experience with software development and automation using Python required.Experience with Terraform for infrastructure as code (IaC) is required.Hands-on experience with deploying and managing infrastructure on GCP or other cloud provider.Proficiency with IBM QRadar SOAR or any other SOAR platform.Strong understanding of security incident response, threat detection, and remediation processes.