Sr. Soar Engineer - Security Orchestration, Automation, & Response

Job Description

Our Team

Within our Global Information & Content Security team, there has never been a busier or more urgent time to obtain the best talent we can. In light of the constant threats and attacks occurring in companies across the globe, and across all industries, the Global Information and Content Security (GICS) Team at WBD is a growing group of cyber security professionals, using the latest tools and resources to protect the assets from our internal infrastructure to the shows we broadcast and media content we produce across the globe on CNN, Discovery Channel, Animal Planet, Discovery ID, HBO, TLC, TBS, EuroSport, TVN, WB and more. From US to Singapore, Poland, India to LA, we are tasked with protecting, training, and implementing the best of the best in tools, resources, monitoring, threat detection, and more.

Your New Role...

The WBD SOAR Team empowers the WBD CSOC by maintaining our ticketing and S.O.A.R platform. The Cybersecurity Security Operations Center provides 24/7/365 monitoring, detection, and response coverage for the entire WBD network infrastructure, web facing applications and endpoints. This position will support the CSOC by engineering security tool integrations, automations, scripts, and playbook content for the SOAR platform that will assist the CSOC/IR teams through more effective and efficient responses and investigative capabilities.

Your Role Accountabilities...
• A technical engineer, with an extensive security operations background, who drives the SOAR development lifecycle, in support of the security operations & IR teams.
• Strong understanding of SOAR playbook development and logic flows.
• Strong understanding of CSOC workflows.
• Write, test, and maintain automation scripts/workflows within SOAR platform.
• Author and maintain documentation for all scripts, integrations, and workflows.
• Design, implement, standardize, and maintain efficient and reusable Python code or other programming language.
• Review, test, debug, and resolve technical issues throughout all stages of Software Development Life Cycle
• Translate conceptual CSOC/IR requirements into technical data and integration requirements for the SOAR platform.
• Deliver API solutions that streamline, simplify, and improve efficiencies for the CSOC/IR teams as well as other enterprise Business Units.
• Design, test, and implement new playbooks for the cyber security operation center.
• Partner with CSOC/IR leadership to gather SOAR requirements, priorities, and enhancements.
• Partner with CSOC/IR teams to review the development of integrations, workflows, & scripts to ensure anticipated output is achieved.
• Implement technical modifications to integration, script, workflow based on feedback from product consumers.

Preferred Qualifications & Experience..
• 3-5 years of technical cybersecurity experience in Incident Response, Security Operations, Threat Intelligence, etc.
• Strong understanding of a variety of security tools and technologies (IDS/IPS, EDR, XDR, SIEM, Vuln Mgmt., etc.)
• Experience with scripting such as BASH, PowerShell, and Python.
• Strong RegEx/PCRE experience
• Ability to multi-task and prioritize work effectively.
• A track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
• Demonstrated exceptional written and verbal communication skills.
• Excellent interpersonal skills and the ability to work effectively with people in a wide range of levels.
• Experience administering Amazon Web Services (AWS) and/or Microsoft Azure.
• Familiarity with infrastructure as code tools, such as Terraform or CloudFormation.
• Experience deploying and correlating threat intelligence and vulnerability management solutions.
** This position requires the resource to be on-site at least three days a week.

If you're a qualified candidate and you require adjustments or accommodations to search for a job opening or apply for a position, please contact us at recruitadmin@wbd.com.

Jobcode: Reference SBJ-rv67nn-13-58-82-79-42 in your application.