SOAR Developer Engineer 

Deutsche Bank

Software Engineering
Bucharest, Romania
Posted on Friday, April 26, 2024

Job Description:

Job Title: SOAR Developer Engineer

RESPONSIBILITIES:

  • Assess, design, and improve SOC processes and workflows with a focus on integrating automation through Security Orchestration, Automation and Response (SOAR) tools and technologies.
  • Work closely with the Security Operations Center (SOC) and Security Engineering teams to improve existing automation and deliver resilient security solutions.
  • Implement new SOC automation and ensure continued compatibility with existing detection and response tools.
  • Analyze, build, test, deploy, maintain and document new SOAR playbooks to extend the existing automation capabilities of the Cyber Security Teams.
  • Assist with the design, engineering, deployment, and maintenance of playbooks and custom automation products as threats change and new security tools and controls emerge.
  • Develop integrations with 3rd party services and APIs.

Qualifications

  • 3-5 years of security engineering experience with SOAR, Security Operations, Incident Response
  • Proficiency in the Python scripting language
  • Development of Build/Run processes to ensure systems are properly maintained and operating effectively
  • Experience with various SIEM technologies (Sentinel, Splunk, Chronicle, etc.)
  • Understanding of security frameworks (MITRE ATT&CK, NIST CSF, etc.)
  • Agile development experience
  • Experience authoring security runbooks, policy, and best practice documentation
  • Your credentials will also include a sound knowledge of DevOps, JSON, XML, REST APIs, Git, Jira, Bitbucket and Confluence

NICE TO HAVE SKILLS AND EXPERIENCE:

  • Understanding of classic and emerging threat actor tactics, techniques and procedures in both pre and post-exploitation phases of attack lifecycles.
  • Experience using Python for the purpose of automating security operations and incident response processes.
  • Strong understanding of security architecture, tool integration, API development and automation.
  • Deep understanding of Incident Response processes.
  • Understanding of common SOC and SOAR processes and workflows.
  • SANS/GIAC, OSCP or similar certifications.
  • Hands-on experience with DevSecOps CI/CD pipelines

Our values define the working environment we strive to create – diverse, supportive and welcoming of different views. We embrace a culture reflecting a variety of perspectives, insights and backgrounds to drive innovation. We build talented and diverse teams to drive business results and encourage our people to develop to their full potential. Talk to us about flexible work arrangements and other initiatives we offer.


We promote good working relationships and encourage high standards of conduct and work performance. We welcome applications from talented people from all cultures, countries, races, genders, sexual orientations, disabilities, beliefs and generations and are committed to providing a working environment free from harassment, discrimination and retaliation.

Visit Inside Deutsche Bank to discover more about the culture of Deutsche Bank including Diversity, Equity & Inclusion, Leadership, Learning, Future of Work and more besides.