SOAR Engineer
Thermo Fisher Scientific

Job Description

When you join us at Thermo Fisher Scientific, you'll be part of a hard-working, driven team that shares your passion for exploration and discovery. With annual revenues over $40 billion and the most significant investment in R&D in the industry, we give our more than 100,000 colleagues the resources and chances to create meaningful contributions to the world.

Summary

Discover Impactful Work: As a SOAR Engineer, you have a global responsibility for enabling cybersecurity response within the Corporate Infrastructure & Security (CIS) team. In this position, you will play a meaningful role in crafting, developing, and maintaining security automation workflows, playbooks, and custom alerts. Collaborating with our SOC analysts, you'll help us proactively identify and respond to potential threats to keep our organization secure.

A Day in the Life:

• Automation Development: Design and implement SOAR playbooks to automate repetitive security tasks, improving incident response time and reducing analyst workload.
• Workflow Optimization: Analyze existing SOC workflows and find opportunities for streamlining and automation with SOAR capabilities.
• Alerting and Dashboarding: Develop new alerting mechanisms tailored to our security landscape within our SOAR and SIEM platforms. Build insightful dashboards that provide clear visualizations of security metrics.
• Integration: Integrate various security tools and data sources into the SOAR platform for enhanced data correlation and automated actions.

Keys to Success:

• Cross-Team Collaboration: Liaise with SOC analysts, security engineers, and incident responders to understand critical processes and craft effective automations.
• Documentation and Training: Build clear documentation for developed playbooks and workflows. Deliver training and mentorship to SOC analysts for using SOAR capabilities.
• Ensure solutions are well built, backed up & restore tested, and consistently maintained for health.
• Problem Solving & Communication: Excellent analytical and problem-solving skills. Ability to communicate technical concepts to different audiences.

Knowledge, Skills, Abilities

• In-depth knowledge of SOAR platforms (Splunk SOAR/Phantom, Palo Alto XSOAR, Swimlane, etc.).
• Strong scripting skills in Python or other relevant languages.
• Experience with SIEM tools (Splunk, QRadar, LogRhythm, etc.)
• Understanding of network security protocols, threat intelligence sources, and incident response methodologies.

Education

• Bachelor's Degree in cybersecurity, computer science, systems engineering, or related field. Equivalent work experience is acceptable.
• Certifications not required, but encouraged: CISSP, GCIH, CEH or related certifications.

Experience

• 2+ years of experience in a security engineering role with a proven focus on SOAR technologies and Security Operations.
• At least two years experience in an AWS or Azure Cloud-native development platform.

Apply today! http://jobs.thermofisher.com

Thermo Fisher Scientific is an EEO/Affirmative Action Employer and does not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or any other legally protected status.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, perform crucial job functions, and receive other benefits and privileges of employment. We'd love to hear from you if you require accommodation.

Accessibility/Disability Access

Job Seekers with a Disability: Thermo Fisher Scientific offers an accessibility service for job seekers requiring accommodations applying. For example, this may include individuals requiring assistance because of hearing, vision, mobility, or cognitive impairments. If you are a job seeker with a disability or assisting a person with accessibility assistance or accommodation to apply for one of our jobs, please submit a request by telephone at 1-855-471-2255*. Please include your contact information and specific details about your required accommodation to support you during the job application process.

• This telephone line is reserved solely for job seekers with disabilities requiring accessibility assistance or accommodation in the job application process. Messages left for other purposes, such as not getting into the career website, following up on an application, or other non-disability-related technical issues, will not receive a response.

---