You will be a core team member of the group responsible for streamlining SOC security functions. In this role, you will be responsible for ensuring the effective use of application, integration and operation of key security products utilized. You will also be a key member of the orchestration team responsible for driving overall security orchestration strategy, defining and providing input for product roadmaps, managing the development and day to day operations of orchestration products, and solutions

Job Description

• Design and implement new features, technologies and solutions which help reduce mean-time-to-resolution of security events, threats and/or incidents
• Develop custom Python packages to normalize various data sources to help our SOC make informed, data-driven decisions
• Lead the design and development of automated frameworks for Security Tools by leveraging a mix of scripting languages, open-source tools or COTs products
• Act as the technical lead / point of contact for assigned projects
• Serve as an interface to our Security Operations Center (SOC) for key Incident Response, and Threat Intelligence use case automation development initiatives leading to; designing solutions that converts analyst use cases into automation pipelines using COTS and/or Open-source products. Additionally, enhancing automation pipelines by developing custom response actions / workflows to enhance automated responses
• Act as the connection point between the SOC/Threat/IR and Orchestration & Automation team to solve complex problems. Determine operational feasibility by evaluating problem scope/definition, requirements, and provide proposed solutions
• Play a critical role in automating specific SOC roles/functions out of existence
• Develop, test, and implement out-of-the-box approaches to identify malicious and suspicious behavior in logs, network traffic or other network forensic related data-sets
• Responsible for identifying integration opportunities between the various siloed tools to help create a unified and streamlined ecosystem
• Create, enhance and continuously update documentation and knowledge base (user guides, quick starts, documentation, blog posts, demos)
• Help increase the speed of our Dev team's ability to deliver features to production while working with other DevOps Automation Engineers
• Contribute to the development of usage metrics to help show effectiveness of the various tools
• Prepare and/or present briefings on Orchestration related solutions, and recommendations tailored to varying levels of technical expertise

Qualifications

• Minimum 3-5 years' experience in Information Technology
• Minimum 1-2 years' experience in a security operations focused environment
• Minimum 3-5 years' production deployment experience in one or more of the following: Java, Python, Ruby, JavaScript
• Minimum 1-year experience working closely with scientific computing libraries such as Pandas, SciKit- learn, Matplotlib, Numpy, etc.
• Minimum 1 year of experience working with enterprise container platforms such as Docker
• Proven hands-on experience with Apache Airflow, Kubernetes or other process workflow platforms
• Experience interacting with APIs to automate processes
• Experience consuming REST APIs
• Experience with CI/CD, DevOps and agile principles

• Experience supporting incident response in a malware, host, network, forensics or log analyst role (big plus)
• Experience with Linux environments a plus
• Experience with virtualization technologies a plus
• Ability to identify and automate common and repeatable tasks/processes
• Possessing written/verbal communication, Sound problem resolution, judgment, negotiating and decision-making skills

Arvin Clark Sikat, Sombilla EA License No.: 02C3423 Personnel Registration No.: R1222536

Please note that your response to this advertisement and communications with us pursuant to this advertisement will constitute informed consent to the collection, use and/or disclosure of personal data by ManpowerGroup Singapore for the purpose of carrying out its business, in compliance with the relevant provisions of the Personal Data Protection Act 2012. To learn more about ManpowerGroup's Global Privacy Policy, please visit https://www.experis.com.sg/privacy-policy