Lead Software Engineer
Engineering
5-10 years
Poland - Krakow
JavaScript, PowerShell Scripting, Python, SIEM (Security Information and Event Management)
On-site
Our Solution Engineering Team supports SOAR and SIEM platforms, managing technical implementation, integration, and maintenance for both internal and external clients. The team collaborates closely with Detection Engineers, SOC Analysts, Solutions Engineers, and clients to provide effective security operations enabled by automation.
Education & Experience:
– Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field, or equivalent professional experience.
– Proven track record in deploying and managing SOAR solutions at scale within complex environments.
– Extensive hands-on experience scripting and automating cybersecurity processes.
Technical Skills:
– Strong programming and scripting experience (Python, JavaScript, PowerShell).
– Comprehensive experience with one or multiple SOAR platforms (e.g., Palo Alto Cortex XSOAR, Splunk SOAR, Microsoft Sentinel Automation, Swimlane).
– Demonstrated proficiency with SIEM platforms such as Splunk, Microsoft Sentinel, Google SecOps.
– Deep understanding of API integrations, data ingestion techniques, and automation frameworks.
– Experience with cloud infrastructure (Azure, AWS, GCP) and containerized environments (Kubernetes) is beneficial.
– Experience managing virtual machines via VMware, Hyper-V, or in the cloud.
Skills & Competencies:
– Excellent analytical, problem-solving, and strategic thinking abilities, with a keen attention to detail.
– Strong communication and documentation skills, capable of clearly articulating complex technical concepts to diverse audiences.
– Proactive attitude toward identifying opportunities for efficiency and operational improvement.
– Comfortable working collaboratively across diverse, global teams and engaging stakeholders effectively.
– Agile mindset, familiar with DevOps practices, CI/CD pipelines, and iterative development methodologies.
Nice to Haves:
– Experience with REST APIs (Postman or curl), SQL query knowledge, Terraform (IaaS), Ansible, Chef, or other IT automation and deployment technologies.
English/Polish – Bilingual
As a SOAR Engineer within the Solution Engineering Team, you will lead the design, development, deployment, and maintenance of security automation solutions. This critical role involves streamlining operational processes and enhancing incident response capabilities through automation and orchestration. You will drive efficiency across a global Security Operations Center (SOC), integrating various data sources such as threat intelligence feeds, ticketing systems, sandboxes, and cybersecurity analysis tools.
We seek innovative engineers experienced in developing end-to-end automation workflows, skilled in programming, scripting, and familiar with multiple SOAR platforms. The ideal candidate will architect comprehensive automation solutions, ensuring seamless adoption and usability by analysts and stakeholders across the organization.
Architecture & Implementation:
– Design, architect, and deploy scalable SOAR solutions, integrating diverse security tools, data sources, and technologies.
– Identify and evaluate automation opportunities across SOC processes, improving incident response times and reducing manual overhead.
– Lead or contribute significantly to large-scale SOAR implementations, from initial proof-of-concept through final deployment.
– Develop cost-saving solutions by leveraging automation to reduce operational expenses and increase productivity.
Integration & Automation:
– Develop and maintain automation scripts, workflows, and playbooks utilizing robust scripting languages (Python, JavaScript, etc.).
– Integrate various data sources, including SIEM platforms (Splunk, Microsoft Sentinel, Google SecOps), ticketing systems, threat intelligence feeds, sandboxes, endpoint security tools, and cybersecurity analysis platforms.
– Maintain comprehensive documentation of automation architecture, integration points, and operational workflows, leveraging tools such as Jira and Confluence.
Monitoring & Dashboards:
– Build and manage dashboards for tracking automation effectiveness, health monitoring of connectors, data feeds, and operational KPIs.
– Proactively monitor the health and availability of all SOAR platform components, addressing any disruptions promptly.
Vendor & Technology Management:
– Evaluate multiple SOAR vendors and technologies, conduct comparative analyses, and provide strategic recommendations aligned with business objectives.
– Continuously review and propose enhancements or emerging technologies to ensure optimal operational effectiveness and innovation.
Collaboration & Incident Response:
– Support cross-functional teams during incident investigations by providing insights, facilitating automated responses, and ensuring reliable system performance.
– Partner closely with detection engineering, threat intelligence, and SOC analyst teams to refine automation processes and enhance threat detection capabilities.
Culture of caring. At GlobalLogic, we prioritize a culture of caring. Across every region and department, at every level, we consistently put people first. From day one, you’ll experience an inclusive culture of acceptance and belonging, where you’ll have the chance to build meaningful connections with collaborative teammates, supportive managers, and compassionate leaders.
Learning and development. We are committed to your continuous learning and development. You’ll learn and grow daily in an environment with many opportunities to try new things, sharpen your skills, and advance your career at GlobalLogic. With our Career Navigator tool as just one example, GlobalLogic offers a rich array of programs, training curricula, and hands-on opportunities to grow personally and professionally.
Interesting & meaningful work. GlobalLogic is known for engineering impact for and with clients around the world. As part of our team, you’ll have the chance to work on projects that matter. Each is a unique opportunity to engage your curiosity and creative problem-solving skills as you help clients reimagine what’s possible and bring new solutions to market. In the process, you’ll have the privilege of working on some of the most cutting-edge and impactful solutions shaping the world today.
Balance and flexibility. We believe in the importance of balance and flexibility. With many functional career areas, roles, and work arrangements, you can explore ways of achieving the perfect balance between your work and life. Your life extends beyond the office, and we always do our best to help you integrate and balance the best of work and life, having fun along the way!
High-trust organization. We are a high-trust organization where integrity is key. By joining GlobalLogic, you’re placing your trust in a safe, reliable, and ethical global company. Integrity and trust are a cornerstone of our value proposition to our employees and clients. You will find truthfulness, candor, and integrity in everything we do.
GlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner to the world’s largest and most forward-thinking companies. Since 2000, we’ve been at the forefront of the digital revolution – helping create some of the most innovative and widely used digital products and experiences. Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products, platforms, and services.