Job Description
*Must be able to work a hybrid schedule (3 days onsite) out of our Atlanta office.*
SOAR Engineer
The WBD SOAR (Security Orchestration Automation and Response) Team empowers the WBD CSOC by maintaining our ticketing and SOAR platform. The Cybersecurity Security Operations Center provides 24/7/365 monitoring, detection, and response coverage for the entire WBD network infrastructure, web-facing applications, and endpoints. This position will support the CSOC by engineering security tool integrations, automations, scripts, and playbook content for the SOAR platform that will assist the CSOC/IR teams through more effective and efficient responses and investigative capabilities.
Your Role Accountabilities…
• A technical engineer, with an extensive security operations background, who drives the SOAR development lifecycle, in support of the security operations teams.
• Strong understanding of SOAR playbook development and logic.
• Strong understanding of CSOC workflows.
• Write, test, and maintain automation scripts/workflows within the SOAR platform.
• Author and maintain documentation for all scripts, integrations, and workflows.
• Design, implement, standardize, and maintain efficient and reusable code in Python or another programming language.
• Review, test, debug, and resolve technical issues throughout all stages of the Software Development Life Cycle.
• Translate conceptual CSOC/IR requirements into technical data and integration requirements for the SOAR platform.
• Deliver API solutions that streamline, simplify, and improve efficiencies for the CSOC/IR teams as well as other enterprise Business Units.
• Design, test, and implement new playbooks for the cyber security operation center.
• Partner with CSOC/IR leadership to gather SOAR requirements, priorities, and enhancements.
• Partner with CSOC/IR teams to review the development of integrations, workflows, & scripts to ensure anticipated output is achieved.
• Implement technical modifications to integrations, scripts, and workflows based on feedback from product consumers.
Qualifications & Experiences…
• 3-5 years of technical cybersecurity experience in Incident Response, Security Operations, Threat Intelligence, etc.
• Strong understanding of a variety of security tools and technologies (IDS/IPS, EDR, XDR, SIEM, Vuln Mgmt., etc.)
• Experience with scripting such as BASH, PowerShell, and Python.
• Strong RegEx/PCRE experience.
• Ability to multi-task and prioritize work effectively.
• A track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
• Demonstrated exceptional written and verbal communication skills.
• Excellent interpersonal skills and the ability to work effectively with people in a wide range of levels.
• Experience administering Amazon Web Services (AWS) and/or Microsoft Azure.
• Familiarity with infrastructure-as-code tools, such as Terraform or CloudFormation.
• Experience deploying and correlating threat intelligence and vulnerability management solutions.
Championing Inclusion at WBD
Warner Bros. Discovery embraces the opportunity to build a workforce that reflects the diversity of our society and the world around us. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, mental or physical disability, and genetic information, marital status, citizenship status, military status, protected veteran status or any other category protected by law.
Jobcode: Reference SBJ-dyz9xk-35-171-164-77-42 in your application.