Associate - SOC Analysis ( L1) SOAR

Our SOAR Engineer is responsible for monitoring, developing, and maintaining the beating heart of Malomatia Cyber Security Services and driving our efficiency improvements. The effective use of our tools and expertise is critical to ensure malomatia and our customers can quickly identify, understand, and respond to cyber security incidents.The successful candidate will have a good technical knowledge of cyber systems and incident response, and a desire to drive improvements through automation.They should possess an understanding of different security technologies, technical infrastructures and APIs and an awareness of cyber threats. Required Skills: Experience with Security Orchestration, Automation and Response (SOAR) technologies. Understanding of security architecture, tool integration, API development and automation. Understanding of Incident Response processes (Detection, Investigation, and response). Understanding of common SOC processes and workflows. Experience with Python scripting language for automation and working knowledge of REST APIs, JSON, HTML/CSS, JavaScript, XML. Experience developing Dashboards and Reports focused on cyber security operations. Experience with operating system internals for both Linux and Windows platforms. Understanding of security devices such as firewalls, IDS/IPS, EDR and NDR, Vulnerability Management solutions and SIEM Strong problem-solving capabilities and the ability to work with minimal oversight. Exceptional written and verbal communication skills. Educational Qualifications: Relevant Degree Additionally, one or more relevant industry certification such as GCIH or vendor certification. Desirable: Familiarity and experience working within the region Experience working as part of a MSSP or MDR provider ww.malmatia.com Public Copyright @ 2022 malomatia (Q.P.S.C) All Rights Reserved. Roles and Responsibilities: Act as a Technical Subject Matter Expert, be the primary point of contact for Security Automation, Orchestration, Playbooks, Python Automation, API-based automation, Incident Response lifecycle automation, Security Automation Develop, implement, and execute standard procedures for SOAR platform administration. Design, Deployment and Maintenance of SOAR platforms (including content management, change management, version/patch management, and lifecycle management). Work closely with the Security Operations Center (SOC) and Security Engineering teams to improve existing automation and deliver resilient security solutions Assess, design, and improve SOC processes and workflows with a focus on integrating automation through Security Orchestration, Automation and Response (SOAR) tools. Implement SOC automation and ensure continued compatibility with existing detection and response tools. Integrate new sources and build playbooks to properly triage and respond to security incidents while reducing the time needed to analyze each event. Develop custom scripts to automate current detection and response workflows. Build pipelines to enrich logs and alert results to provide a comprehensive view for SOC analysts. Operate and help mature a SOC playbook, workflow automations and use cases Assist with client setup transition and onboarding, serve as primary point of contact for Managed Security Service client