NATIONMIND LLC
Security Engineer
Remote
Description
· Operational role on Splunk & XSOAR (our Soar platform).
· Should have significant experience with development.
Key Responsibilities
· Will work closely on Palo Alto XSOAR platform to customize it as needed.
· Will closely integrate existing Security Operation Center (SOC) systems through development and reuse of well-defined APIs.
· Working with stakeholders for onboarding new data sources on Splunk (or any other SIEM tool) and perform periodic maintenance activities.
· Deploy and evaluate external proof-of-concept tools.
· Help with automation of various SOC related manual tasks.
Must Have
· Experience in customization on any SOAR (Security Orchestration, Automation and Response) tool preferably Palo Alto XSOAR
· Development experience with Python and web frameworks (Django, Flask)
· Experience with log management and/or SIEM technologies such as Splunk
Value
· Web development frontend skills: JavaScript, jQuery, HTML/CSS
· Experience in creating and reusing Restful APIs to improve integration between existing and new security systems
· SQL database or any other DBs
· Good communication skills
· Highly motivated individual with the ability to self-start, prioritize, and multi-task
· Interest in cyber security, willingness to follow security best practices
· Ability to understand code written in other scripting languages
· Knowledge of incident response (SecOps)
· Eagerness to look for and evaluate available open-source incident response/threat intelligence tools
· Strong focus on writing high quality technical documentation
· Good knowledge of Linux, git, nginx.
Work remote temporarily due to COVID-19.
Remote
Description
· Operational role on Splunk & XSOAR (our Soar platform).
· Should have significant experience with development.
Key Responsibilities
· Will work closely on Palo Alto XSOAR platform to customize it as needed.
· Will closely integrate existing Security Operation Center (SOC) systems through development and reuse of well-defined APIs.
· Working with stakeholders for onboarding new data sources on Splunk (or any other SIEM tool) and perform periodic maintenance activities.
· Deploy and evaluate external proof-of-concept tools.
· Help with automation of various SOC related manual tasks.
Must Have
· Experience in customization on any SOAR (Security Orchestration, Automation and Response) tool preferably Palo Alto XSOAR
· Development experience with Python and web frameworks (Django, Flask)
· Experience with log management and/or SIEM technologies such as Splunk
Value
· Web development frontend skills: JavaScript, jQuery, HTML/CSS
· Experience in creating and reusing Restful APIs to improve integration between existing and new security systems
· SQL database or any other DBs
· Good communication skills
· Highly motivated individual with the ability to self-start, prioritize, and multi-task
· Interest in cyber security, willingness to follow security best practices
· Ability to understand code written in other scripting languages
· Knowledge of incident response (SecOps)
· Eagerness to look for and evaluate available open-source incident response/threat intelligence tools
· Strong focus on writing high quality technical documentation
· Good knowledge of Linux, git, nginx.
Work remote temporarily due to COVID-19.