Information Protection (SOAR) Engineer (Remote)
- Job Title
- Information Protection (SOAR) Engineer (Remote)
- Job ID
- St. Louis, MO 63134
- Other Location
From our start in 2009, Conexess has established itself in 3 markets, employing nearly 200+ individuals nation-wide. Operating in over 15 states, our client base ranges from Fortune 500/1000 companies to mid-small range companies. For the majority of the mid-small range companies, we are exclusively used due to our outstanding staffing track record.
Who We Are:
Conexess is a full-service staffing firm offering contract, contract-to hire, and direct placements. We have a wide range of recruiting capabilities extending from help desk technicians to CIOs. We are also capable of offering project-based work.
Conexess Group is aiding a large healthcare client in their search for an Information Protection (SOAR) Engineer in a remote capacity. This is a long-term opportunity with a competitive compensation package.
******We are unable to work C2C on this role******
- Function as a SME working as part of a team of dedicated engineers and security professionals
- Leverage API functionality and integrations to target key areas for functional improvements to meet objectives.
- Assist in the development of well-defined use cases that map to areas in need of address.
- Design integrations for multiple platforms and coordinate with technology and engineering teams and pertinent stakeholders to develop optimal solutions that meet customer requirements and exceed expectations.
- Develop information security and incident response workflows in line with best practices
- Create playbooks for information security use cases applying context to the incident lifecycle through event enrichment to include threat analytics and intel and vulnerability data.
- Perform classification and mapping for incident types
- Manage and configure jobs
- Develop custom automation scripts and integrations
- Document processes and lessons learned.
- Drive engagements to ensure peak time-to-value delivery
- Identify key metrics that illustrate current state of cyber security incidents and trends and coordinated response efforts to drive efficiency.
- Follow change management procedures
- Define pre-processing rules and actions
- Perform regression testing and secure development life-cycle practices
- Assist in platform training and drive product adoption
- 1-2 years experience working in SOAR product and developing playbooks
- High-level SOAR experience (especially XSOAR) is REQUIRED
- Experience as a security incident handler or incident responder
- Understanding of the incident lifecycle and event triage and incident response processes and procedures
- Experience with enterprise security products (i.e. SIEMS, FWs, Sandboxes, Vulnerability Management) and familiarity with IT infrastructure.
- Knowledge of the emerging threat landscape and threat actor TTPs.
- Basic Linux system administration and troubleshooting experience
- Ability to translate complex requirements to automation playbooks.
- Ability to prioritize tasks and work in a agile, fast-paced environment.