Security Automation Engineer

Our client a Global Tech firm is seeking a Security Automation Engineer to join their team in Johannesburg. Our client offers great benefits, stability, excellent working environment growth and an attractive salary

As an Intermediate Security Automation Engineer, you will be responsible for creating innovative detection and automated response strategies, by leveraging diverse sources of data and intelligence. You understand web application development and security principles well enough to design and implement scalable, extensible, and secure client-specific solutions across different markets. You collaborate with your colleagues and operation teams to create and maintain custom automation scripts, use cases, and workflows that can be adopted and integrated into a wide range of use cases and industries.

Requirements

Main

• Experience with Linux administration
• Experience with programming using JavaScript, PowerShell, Python, REST APIs, GIT, HTML, CSS, Databases
• Experience with container services, including Docker
• Experience with one of the following areas: security operations, incident response, threat management, or security engineering
• Knowledge of general cybersecurity products and services

Advantageous Competencies

• SOAR Technology (xSOAR Palo Alto)
• Any cybersecurity qualifications
• Experience in log management platforms experience, including, Elasticsearch, Logstash, Kibana - ELK
• Certification: PCSAE
• Certification: Any public/private cloud related certification. Azure, AWS and others.

Responsibilities

Create Playbooks and Uses Cases for SOC/SOAR investigation and integrated into Cortex XSOAR Solutions. Integrate and build solutions through automation, orchestration, and coding, using 3rd party software. Build applications (Python, JavaScript, Django, jQuery) to assist with the build and install process of security managed services Craft, build and debug large scale cloud-based and on-premise distributed systems Write, update and maintain technical program, end-user documentation and operational procedures Utilize knowledge of various cybersecurity product ranges to build integrated solutions

Qualifications

• Bachelor’s degree in Computer Science or related field required
• Experience with Linux , including scripting language and command line experience preferred.
• Hands on experience with Security Automation tools.
• Minimum three years of experience in the IT field with a
• background in software development

Current tech stack

• xSOAR (SOAR)
• AWS
• McAfee ESM
• Microsoft ATP, AIP, Sentinel, Azure
• Symantec
• Fortigate, FortiSIEM, FortiAnalyzer, FortiManager
• Checkpoint
• Cisco Tetration, Umbrella, ASA, AMP
• SolarWinds
• ServiceNow
• LogRhythm
• Security Information and Event Management (SIEM)
• Endpoint Detection Response (EDR)
• Python, Django
• HTML, CSS, JavaScript
• Linux, Bash, Ubuntu, CentOs
• JSON, YAML
• ELK
• Docker
• GIT
• REST
• Confluence