19 Sep
Demisto Security Operations Expert
Vacancy expired!
TX, San Antonio 78249
Security Clearance: U.S. Citizen, Current Security Clearance, Secret
Skills: Demisto, SOAR, SOC, Python, PAN, SecOps, containers, Splunk, SIEM, security administration, cybersecurity

We are seeking a SOAR/Demisto SME to support integration development for an enterprise-wide IT Infrastructure modernization effort supporting a DoD environment. Qualified candidates will have experience with threat detection and response and hands-on expertise working with emergent cyber tools and security tool integration using Palo Alto Networks (PAN) tools or Security Orchestration, Automation and Response (SOAR) products. Python development experience is required.

Duties and responsibilities include:
- Support cybersecurity goals for SOC operations developing automation and supporting orchestration content
- Provide support for the development of integrations between SOAR (Demisto) and security products, tools, and sensors
- Contribute expertise to improve security posture and resolution for incidents, security applications, and security architecture
- Support Agile development and prototyping
- Support containerized development
- Support API integration and research
- U.S. citizenship
- Current security clearance (Secret minimum)
- 4+ years of cyber experience; DoD environment preferred
- Bachelor's degree in a related discipline preferred
- Additional years of relevant work experience will be considered as a substitute
- Experience working with a SecOps team providing hands-on support for network and security administration using SOAR
- Experience with Demisto automated incident response platform
- Prior work in an Agile environment using a DevOps model and rapid prototyping
- Understanding of FISMA standard
- Understanding of FedRAMP security requirements for cloud computing including NIST 800 and RMF security controls
- Experience with API coding, research, and integration using Python and/or JavaScript
- Experience with security tool integration (SIEM) using PAN or SOAR
- Experience supporting containerized development such as Docker, Kubernetes, etc.
- Experience with Splunk enterprise security is preferred
- Industry recognized cloud certification, AWS preferred
- Industry recognized cybersecurity certification is preferred
- Prior experience supporting USAF technology infrastructure is a plus