Trivandrum
16 days ago
SOC Specialist II - Cyber Security

Role Proficiency:

Manage the onboarding of new customers. Develop and create new operation processes. Lead SOC service for various customers including deep investigation and cyber security subject expertise.

Outcomes:

• Manage a complete cyber security incident and provide deep investigation
• Create and manage improvement process for customer services
• Working on improving customer detection by adding relevant detection rules
• Onboarding new customer to SOC service
• Develop and update operation methodology
• Be the point of contact for operational (technical) issues and platform/service improvement
• Guide SIEM experts
• Be the cyber security subject expert

Measures of Outcomes:

• Successful incident management
• Successful onboarding of customers to services
• Successful implementation of improvement programs

Outputs Expected:

Continuous improvement of the services:

• Monitoring capability
• Investigation process
• Operation process
• Methodology
• Incident management
• Mitigation and automation action

Skill Examples:

• Presentation skills (verbal) and soft skills (hands-on, verbal and written)
• Excellent analytical skills
• Ability to lead activities across cross-cultural and geographically distributed teams to complete tasks successfully
• Accountability
• Ability to think outside the box to find solutions
• Project management skills
• Proficient in programming languages such as C, C#, Python, Perl, Java, PHP and Ruby on Rails

Knowledge Examples:

• Experience in the cyber security discipline
• Excellent knowledge of cyber security defence methods (tools, topology, best practices)
• Excellent knowledge of Mitre frameworks (or other common frameworks)
• Practical experience with developing and implementing processes
• Relevant certification in cyber security
• Advanced knowledge of SIEM solutions
• Experience with cloud (working with secure monitoring)

Additional Comments:

Security Automation Engineer - Logic apps

CyberProof is a cyber security services and platform company whose mission is to help our customers react faster and smarter – and stay ahead of security threats, by creating secure digital ecosystems. CyberProof automates processes to detect and prioritize threats early and respond rapidly and decisively. CyberProof is part of the UST Global family. Some of the world’s largest enterprises trust us to create and maintain secure digital ecosystems using our comprehensive cyber security platform and mitigation services.

CyberProof is looking for a talented Security Automation Engineer to join our dynamic team and contribute to the development and implementation of cutting-edge automation solutions to enhance our security operations. As an Automation Engineer, you will play a key role in designing, developing, and deploying automation solutions to streamline security operations, improve threat detection, and enhance incident response capabilities. You will collaborate closely with cybersecurity analysts, engineers, and other stakeholders to identify automation opportunities, assess requirements, and implement scalable and efficient automation workflows. The candidate should have a strong background in cybersecurity, be proficient in scripting, and have experience with SOAR platforms.

Responsibilities:

• Design, develop, and implement security automation workflows and playbooks using LogicApps to streamline and optimize security operations processes.
• Integrate the SOAR platform with various security tools and technologies such as SIEM, endpoint protection, threat intelligence platforms, and other IT systems.
• Design, develop, implement, and maintain automation scripts, tools, and workflows to automate routine security and integration tasks, including log analysis, incident triage, and response.
• Maintain and improve the SOAR platform, ensuring its effectiveness and efficiency.
• Collaborate with security analysts to understand their workflow and automate repetitive tasks, allowing them to focus on complex threat analysis.
• Continuously evaluate new security technologies and update automation playbooks accordingly.
• Participate in incident response efforts, providing automation support to accelerate detection, investigation, and remediation.
• Measure and report on the effectiveness of automated processes, making improvements as necessary.
• Provide technical support and troubleshooting assistance for automation-related issues.
• Stay current with the latest cybersecurity trends and emerging technologies in security automation to drive innovation and continuous improvement.
• Document automation processes, procedures, and best practices for knowledge sharing and training purposes.

Requirements:

• Minimum of 3 years of experience in cybersecurity, preferably within a SOC environment.
• Hands-on experience with security incident response and investigation processes.
• Hands-on experience with SOAR systems – playbook design and implementation.
• Proven hands-on experience in automation development, scripting, and programming languages such as Python, PowerShell, or Bash.
• Strong understanding of cybersecurity principles, technologies, and best practices.
• Experience with security tools and technologies, including SIEM, IDS/IPS, endpoint security solutions, and threat intelligence platforms.
• Strong analytical and problem-solving skills to identify automation opportunities.
• Strong communication and collaboration skills, with the ability to work effectively in a team environment.
• Ability to work independently; self-starter/self-motivated.

Advantages:

• Solid understanding of networking concepts, protocols, and architectures.
• Experience with cloud-based service architecture.
• Experience with ALM tools, especially Jira.
• Relevant information security certifications are a plus.
