FortiSOAR Specialist
Indexed description
Responsibilities
- Integrate new logging sources and build playbooks to properly triage and respond to security incidents while reducing the time needed to analyze each event.
- Develop simple and complex playbooks and simple/custom connectors integrating with various technology.
- Deploy, configure, manage, operate, and monitor FortiSOAR in a SOC environment.
- Identify challenges of customer security teams, and assist security teams with SOAR best practices.
- Deploy and manage FortiSOAR VM – dedicated, On-prem and cloud (Multitenant).
- Design, develop and architect FortiSOAR in the customer environment.
- Setting up dashboard, reports, incident war room, and roaster management.
- Experience in defining Jinja filters, functions, and conditions.
- Support Pre-sales, Sales and Business development of new and existing services.
- Support the service transition process; Work with peers to effectively transition customers and infrastructure into operations.
- Work pro-actively and collaboratively with peers seeking mutually beneficial outcomes.
- Support rapid and effective detection, mitigation, containment and response to cyber security incidents leveraging integrations with, and capabilities of, infrastructure platforms, tools, assets under management and non-managed customer controls.
- Creation, optimization and documentation of processes, procedures and workflow; Tracking and reporting of SLAs, KPIs and OLAs.
- Initiate, support and manage incidents, problems, issues, risks and compliance activities; 24x7 on-call for critical or urgent activities as required.
- Degree in Computer science, information systems, electrical engineering or a closely related degree.
- Depth of skills in at least three of the following areas: Security controls operations, cyber incident response, cyber security detection, managed services integration, cyber threat intelligence, threat hunting.
- 5+ yrs experience in Fortinet FortiSOAR is a must.
- Experience in developing FortiSOAR connectors & playbooks.
- Experience in integrating various technologies with SOAR platform.
- Exposure to SIEM (Splunk, Sentinel, Qradar, Securonix) systems is strongly preferred.
- NSE 6 FortiSOAR Administrator and NSE 7 FortiSOAR Design and Development (Architect) certification is preferred.
- Experience in the design, implementation, maintenance and optimization of playbooks for detection, protection, containment and mitigation of cyber security related threats and incidents.
- Strong scripting and integration skills, in languages such as Python, GO, Kusto/KQL, PowerShell.
- Expert skills in information security technologies (e.g. SIEM, NGFW, CTI, WAF) as well as IT systems, including Office 365, service management tools, and the interfaces provided by IT & security systems that can be used for integration, automation and orchestration.
- Solid experience and understanding of Managed Security Service delivery, cyber security concepts and standards; Demonstrated experience in effectively managing and mitigating security events, threat, attacks and vulnerabilities.
- Working knowledge of cyber threats, threat actors, TTPs and how to mitigate threats in different contexts (on-prem, cloud, distributed).
- CISSP, CISM, CISA (or equivalent experience).
- ITIL accreditation (or relevant experience).
- Customer and team-focused attitude.
- Outstanding organizational skills; Ability to lead and motivate skilled security professionals.
- Solid background in cybersecurity and understanding of cyber security tools, infrastructure and systems.
- Active listener; Excellent communication, presentation and training skills.
- Ability to interface with, and influence, Pre-Sales and sales teams, to achieve agreed business outcomes.
- Flexible work approach, based on the job requirements.
- Strong interpersonal skills with the ability to collaborate well with others and reconcile differences among resources/departments.
- Understanding of classic and emerging threat actor tactics, techniques and procedures in both pre and post-exploitation phases of attack lifecycles.
- Health insurance with one of the leading global providers for medical insurance.
- Career progression and growth through challenging projects and work.
- Employee engagement and wellness campaigns activities throughout the year.
- Excellent learning and development opportunities.
- Annual flight tickets to home country.
- Inclusive and diverse working environment.
- Flexible/Hybrid working environment.
- Open door policy.
Present in the Middle East since 2004, Help AG was strategically acquired by e& (formerly Etisalat Group) in 2020, hence creating a cybersecurity and digital transformation powerhouse in the region.
Help AG has firmly established itself as the region's trusted IT security advisor by remaining vendor-agnostic, trustworthy, independent, and maintaining its focus on all aspects of cybersecurity.
With best of breed technologies from industry-leading vendor partners, expertly qualified service delivery teams and a state-of-the-art consulting practice, Help AG delivers unmatched value to its customers by strengthening their cyber defenses and safeguarding their business.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search