Specialist Manager - SOAR Engineer

Date: 24 Sep 2024
Location: Sydney, NSW, AU
Department: Technology & Transformation
Job Requisition ID: 36342

Description:

  • Automate, Accelerate, Defend – Be the SOAR Engineer We Need.
  • Your Skills. Our Security. Together We SOAR.
  • Rewards platform - your hard work won't go unnoticed at Deloitte.

About the role

We are seeking an experienced and highly motivated Senior SOAR (Security Orchestration, Automation, and Response) Engineer to join our Security Operations Centre (SOC). This position is at the managerial level and will play a crucial role in enhancing our security operations through the implementation and management of SOAR platforms. The ideal candidate will have a strong background in cybersecurity, with a focus on automation and orchestration within a SOC environment.


About the team

This role sits within the SOAR Engineering team and plays a crucial role in automating and optimizing security operations, enhancing the speed and efficiency of an organization's cyber defence mechanisms.

Key tasks include:

  • Lead SOAR Initiatives: Design, implement, and manage SOAR solutions to automate and streamline security operations.
  • Process Improvement: Continuously evaluate and improve existing security processes and workflows using automation.
  • Team Leadership: Provide guidance and mentorship to junior engineers and analysts within the SOC.
  • Stakeholder Engagement: Work closely with various stakeholders to understand their needs and ensure SOAR solutions align with business objectives.
  • Reporting and Documentation: Maintain comprehensive documentation and reporting for all SOAR activities and incident responses.


Required Skills

  1. Extensive SOAR Experience:
    1. Proven experience with any of the SOAR platforms (e.g., Palo Alto XSOAR, IBM Resilient, Splunk Phantom).
    2. Proven ability to explain and implement industry-standard automation responses, such as BEC, Phishing and Malware investigation Playbooks.
  2. Scripting and Automation: Proficient in scripting languages (e.g., Python, PowerShell) for automation of tasks.
  3. Security Knowledge: Solid knowledge of cybersecurity principles, threat landscapes, and security frameworks, such as MITRE.
  4. Security Operation Knowledge and Practical Experience:
    1. General knowledge of handling security incidents, triage, containment/response action, eradication, recovery actions from end to end.
    2. Intermediate knowledge in Threat Intelligence (TI) operations, practical experience in integrating and leveraging TI feeds from Threat Intelligence Platforms (TIPs) using STIX and TAXII to enhance Threat Detection and Incident Response capability.
    3. Minimum of 2-3 years of practical experience in at least one of the following MSS/SOC operation areas: Incident Response (IR), Threat Intelligence (TI), SIEM or EDR/MDR engineering, Vulnerability Management or Security Monitoring.
  5. SIEM Integration: Experience integrating SOAR with SIEM solutions (e.g., Splunk, Sentinel, Elastic).
  6. Problem-Solving Skills: Strong analytical and problem-solving skills.
  7. Communication Skills:
    1. Excellent verbal and written communication abilities to interact with technical and non-technical stakeholders.
    2. The ability to conduct SOAR technical workshops and to be able to articulate security automation strategies and processes.
  8. Project Management: Capable of managing multiple projects simultaneously with a high degree of organisation.
  9. Team Collaboration: Ability to work effectively as part of a team and lead initiatives.

Desirable Skills

  • Certifications: Relevant certifications such as CISSP, CEH, or GIAC.
  • Cloud Security: Familiarity with cloud security tools and environments (e.g., AWS, Azure).
  • Machine Learning: Understanding of machine learning techniques and their application in security.
  • Vendor Management: Experience in managing relationships with third-party vendors.

Qualifications

  • Education: Bachelor’s degree in Computer Science, Information Technology, or a related field. Advanced degrees are a plus.
  • Experience: Minimum 5-7 years of relevant experience in cybersecurity, with at least 3 years focused on SOAR.


Why Deloitte 

At Deloitte, we focus our energy on interesting and impactful work. We’re always learning, innovating and setting the standard; making a positive difference to our clients and our society. We put coaching at the heart of what we do, helping our people grow their careers in any direction – whether it be up, moving into something new, or even moving across the world.

We embrace diversity, equity and inclusion. We have a diverse collection of people from different backgrounds, with different experiences, gender identities, abilities and thinking styles. What binds us together is a shared commitment to value everyone’s perspective and to cultivate inclusion; so that our work environment is a safe space we can all belong.

We prioritise flexibility and choice. At Deloitte, you get trust on Day 1. We know our people get their best work done when they’re in control of where and how they work, designing their work week around their client, team, and personal commitments.

We help you live and work well. To support your personal and professional life, we offer a range of perks and benefits, including retail discounts, wellbeing leave, paid volunteering days, twelve flexible working options, market-leading parental leave and return to work support package.


Next Steps

Sound like the sort of role for you? Apply now, we’d love to hear from you!


By applying for this job, you’ll be assessed against the Deloitte Talent Standards. We’ve designed these standards so that you can grow in your career, and we can provide our clients with a consistent and exceptional Deloitte employee experience globally. The preferred candidate will be subject to background screening by Deloitte or by their external third-party provider.