SOAR Engineer

CyberGate Defense

What You'll Do

• Design and implement SOAR playbooks for critical use cases like phishing response, vulnerability triage, and threat hunting.
• Integrate SOAR with our existing security tools, including SIEM, EDR, NDR, threat intelligence platforms, and ticketing systems.
• Validate and test SOAR playbooks to ensure they are production-ready. You will also develop custom actions and scripts to extend SOAR functionality.
• Monitor and optimize SOAR performance to handle high-volume security events.
• Work closely with our SOC analysts to improve incident response efficiency and provide knowledge transfer and documentation.

What You Bring

• At least 1 year of hands-on FortiSOAR experience (design, development, or deployment).
• Proficiency in Python for security automation and strong experience with APIs (REST/SOAP), JSON, and XML.
• Familiarity with SIEM tools (e.g., QRadar, Splunk, Sentinel) and basic knowledge of cloud platforms (AWS, Azure, GCP).
• A good understanding of incident response processes, SOC operations, and common security tools (firewalls, IDS/IPS, etc.).
• Strong communication and documentation skills, with the ability to manage end-to-end customer projects.