Splunk SOAR Engineer

GuidePoint Security

📍Remote - United States

Job highlights

Summary

Join GuidePoint Security, a rapidly growing value-added reseller focusing exclusively on Information Security, as a SOC Operations Engineer to help transform manual processes into automated playbooks and work closely with analysts to understand incident response processes.

Responsibilities

  • Help the SOC transform manual processes into automated playbooks inside a SOAR platform
  • Build and/or augment incident response processes with automation capabilities
  • Work with analysts to understand existing incident response processes and propose automation use cases to augment those processes
  • Use automation to streamline and standardize customer use cases
  • Work with management to understand incident response and automation reporting needs, then propose and build relevant reports and dashboards
  • Engage with other aspects of Technical Operations, including ticketing, monitoring, and detection tools
  • Work closely with the Security Analyst to automate the collection of supporting information for alert analysis and resulting defensive response
  • Respond to high-priority requests for information/custom detections from key partners
  • Manage and update incident response procedures and workflows/playbooks
  • Become a subject matter expert in the customers' high-value assets and targets
  • Build novel monitoring and alerting playbooks to address potential targeted attacks
  • Perform other security operations necessary for continuous monitoring and triage of the platform
