Senior SOAR Engineer
Procter & Gamble
- Cincinnati, OH
- $105,000-150,000 per year
- Permanent
- Full-time
- Cooperate with the SOC and broader Global Cyber Defense teams to enhance existing automation and deliver robust security solutions.
- Evaluate, design, and upgrade SOC processes and workflows, focusing on integrating automation through SOAR tools and technologies.
- Initiate new SOC automation, ensuring compatibility with existing detection and response tools.
- Integrate new log sources and develop playbooks to efficiently triage and respond to security incidents while minimizing analysis time.
- Design custom scripts to automate existing detection and response workflows.
- Assess SOC alerts statistics and workflows to minimize false positives and accurately direct engineering efforts.
- Create pipelines to enrich logs and alert results, providing a comprehensive view for SOC analysts.
- Operate and mature a SOC playbook, workflow automations, and use cases.
- Engage with stakeholders to identify business requirements and provide recommendations on leveraging data effectively.
- Is passionate about cyber security and improving infrastructure for the future.
- Can work independently and as part of a team to gather requirements and translate them into solutions.
- Is detail-oriented and analytical in nature, with strong problem-solving skills.
- Has the ability to multitask and prioritize, work on multiple projects and manage time effectively.
- Can produce and present technical information to both technical and non-technical personnel.
- Can provide customer-facing support in a professional manner.
- Bachelor's Degree in Information Systems, Information Technology (IT), Computer Science, Software Engineering, or another STEM field, or 5+ years of relevant experience/education
- Comprehensive knowledge of both classic and emerging threat actor tactics, techniques, and procedures in pre- and post-exploitation phases of attack lifecycles.
- Proven experience in using Python for automating security operations and incident response processes.
- Strong understanding of security architecture, tool integration, API development, and automation.
- Extensive knowledge of Incident Response processes.
- Familiarity with common SOC and SOAR processes and workflows.
- Rich background and experience in Security Information and Event Management (SIEM) systems.
- Experience with security-related datasets, log formats, and protocols.
- Certifications: CISSP, CCSP, OSCP, AWS Certified Solutions Architect (Amazon Web Services), AWS Certified Developer, Relevant certifications in ML/AI