You’ll serve as a SOAR Developer and will work independently with clients to support the onboarding and post-installation services of the Siemplify platform. We need someone with an understanding of security constructs, in addition to a wide array of technologies, to help design playbooks and build custom actions within Siemplify.
You’ll work with many different products and technologies, including but not limited to: Splunk, ELK stack, databases (Postgres, MSSQL, MySQL), DLP systems, EDR systems, and ticketing systems, among others. You’ll use your knowledge of these systems to help customers build playbooks in Siemplify to support their business goals. You’ll be expected to develop and maintain integration scripts that connect Siemplify to external systems.
To be successful in this role you need experience in scripting, regex, and a solid understanding of security response processes.
Develop automation and orchestration use cases in Siemplify
Develop integrations and custom actions using Python to support playbooks
Ability to refine and translate complex requirements and execute best practice solutions
Experience with multiple scripting languages, with 2-3 years in Python preferred
Experience in programming REST API-based / SOAP API-based automation
Familiarity with code versioning tools such as Git, SVN, etc.
Working knowledge of Web Services, SOAP, JSON and XML technologies.
Experience with one or more SIEM tools (Splunk, QRadar, ArcSight) and enterprise logging solutions
Knowledge of different database technologies and query languages (Postgres, MariaDB, MSSQL)
Skilled in a wide range of security technologies: firewalls, EDR, email security platforms, vulnerability management, malware analysis
Skilled with a variety of general IT technologies: virtualization, route/switch, IDS/IPS, database technologies, containers
Experience with Splunk
Strong knowledge of object oriented concepts
Experience in Bash, Linux Shell or PowerShell scripting.