SOAR Engineer

Vodafone is seeking a highly skilled SOAR Engineer to join our cybersecurity team. As a key member of our team, you will be responsible for designing, developing, and implementing security solutions to protect our infrastructure and data.

• Infrastructure Deployment: Utilize Terraform for infrastructure as code (IaC) to deploy and manage the infrastructure, ensuring scalable and resilient architecture for security operations.
• Integration with Other Capabilities: Lead on requirements gathering exercises, synthesizing input into actionable deliverables, and design, develop, and document complex integrations with other Cyber tooling.
• System Maintenance and Support: Integrate SOAR tools with other security technologies and systems (SIEM, threat intelligence platforms, etc.), collaborate with the SOC team to automate incident detection, analysis, and response processes, and perform regular health checks and maintenance of the SOAR platform.
• Documentation and Reporting: Maintain comprehensive documentation of SOAR configurations, workflows, and incident response procedures, generate reports on SOAR performance, incident response metrics, and security operations improvements, and conduct post-incident reviews to identify areas for improvement.
• Testing and DevOps: Develop and implement automated testing frameworks for SOAR workflows and integrations, collaborate with DevOps teams to integrate SOAR solutions into CI/CD pipelines, and ensure rigorous testing of SOAR playbooks and scripts to maintain high reliability and performance.

• Experience with software development and automation using Python required.
• Experience with Terraform for infrastructure as code (IaC) is required.
• Hands-on experience with deploying and managing infrastructure on GCP or other cloud provider.
• Proficiency with IBM QRadar SOAR or any other SOAR platform.
• Strong understanding of security incident response, threat detection, and remediation processes.