Benefits:
401(k)
401(k) matching
Competitive salary
Health insurance
Paid time off
Vision insurance
Flexible schedule
Free food & snacks
Home office stipend
Signing bonus
Role: Cortex XSOAR Engineer
Location: Remote
Work Authorization: US Citizen
Security Clearance: Able to get US “Public Trust” clearance
Required skills/Level of Experience:
As a SOAR Security Engineer, you will be responsible for assisting with the deployment, and maintenance of the Security Orchestration Automation & Response (SOAR) solution within a 24x7x365 federal security operation. The SOAR Engineer will analyze our client’s business requirements / systems /networks and translate those specifications into a SOAR design that provides an efficient and effective SOAR solution within a federal cloud environment.
Minimum Bachelor’s degree in Cyber, Computer Science, or related field + 5 Years relevant working experience.
3+ years of SOAR Engineering / administration experience.
2+ years of management of SOAR within a Federal environment.
Understanding of enterprise environments, specifically cloud-based and hybrid cloud environments. • Knowledge of security frameworks including MITRE ATT&CK, OWASP, & NIST.
Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and/or service requests.
Strong written communication skills and the ability to articulate technical security analysis to a non-technical audience.
Understanding of possible attack activities such as network reconnaissance probing/ scanning, DDOS, malicious code activity, etc.
Able to troubleshoot and be a problem solver with analytical proficiency in Linux.
Strong scripting skills (JS\Python\PowerShell).
Attention to details, fast learner and excellent communication skills. Be able to communicate technical information in a simplified, easy to understand manner.
Cybersecurity knowledge and experience – advantage.
Provide Technical Support to top-tier customers.
Provide tailored troubleshooting, configuration guidance, and best practices.
Manage support cases to ensure issues are recorded, tracked, and resolved with timely follow-ups with thorough documentation of all the troubleshooting steps in the ticketing system.
Conduct multi-vendor troubleshooting on complex customer engagements and build positive customer experience by working closely with Account, Sales, and Marketing teams.
Utilize fault isolation and root cause analysis skills to provide post-sales technical support, configuration, troubleshooting, and standard methodologies to customers.
DoD Approved 8570 certification REQUIRED such as: CompTIA Security+ Certification, CEH, CFR, CCNA Cyber Ops, CCNA-Security, CYSA+**, GCIA, GCIH, GICSP.
Additional Position Description
Specific job duties include:
Assist with Configuration, Deployment, and Maintenance of SOAR technologies within a federal cloud environment.
Aid in the translation of client requirements into technical design / implementation.
Configuration of SOAR in accordance with DISA STIG and CIS Benchmark requirements.
Recommend system and process improvements to continually enhance security operations.
Assist security incident responders during system investigations.
Development of Dashboards and Reports as they relate to SOAR.
Responding to tickets related to SOAR configuration changes and troubleshooting.
Solid understanding of Azure Cloud • Scripting: Good PowerShell scripting skills.
Solid understanding of networking concepts and troubleshooting skills.
Good knowledge of security concepts, IAM, VPN, and NextGen firewalls.
Troubleshooting: ability to troubleshoot problems solo and deliver solutions within a reasonable timeframe.
Be able to look at complicated systems to find flaws or room for improvement.
Job Duty 1 with 60% of time – 60% SOAR Configuration & Management
Job Duty 2 with 10% of time – Assist in Incident Investigation
Job Duty 3 with 15% of time – Dashboard Development & Reporting
Job Duty 4 with 10% of time - Ticket Response
Job Duty 5 with 5% of time – Mentoring Mid Engineers
Nice to Have Skills:
Knowledge of Federal Security Standards such as NIST and DoD.
Understanding and experience with FedRAMP Cloud Security Requirements.
This is a remote position.