- Permanent, Full time
- Standard Chartered Bank
Security Orchestration, Automation, and Response (SOAR) Security Engineer
- Location: Singapore
- Salary: Competitive
- Job Type: Full time
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
The Role Responsibilities
· Support the delivery and contribute to maturing the Security Monitoring and Analytics automation strategy.
· Work closely with STS service lines to identify, document, and implement use case requirements and playbooks for automation initiatives.
· Responsible for the high-level architectural design of orchestration capabilities within the Security Monitoring and Analytics service, in conjunction with the respective service managers across service lines. Ensure all design patterns are appropriately documented and maintained in the corresponding repositories, and that they reflect both the current implementation and the intended target view.
· Responsible for the strategic evolution of the orchestration and automation capabilities within Security Monitoring and Analytics, in alignment with changing business needs, the threat landscape and technical requirements, to increase the quality of the selected solutions across the identify, protect, detect, respond and recover domains.
· Build API integration for data enrichment across internal (e.g., CMDB, Active Directory) and external (e.g., VirusTotal, DomainTools) data sources
· Automate analysis, security testing, vulnerability discovery, threat intelligence gathering and consumption of threat feeds to track adversaries
· Leverage REST calls to various APIs for data enrichment and contextualize security alerts across internal (e.g., CMDB, Active Directory) and external (e.g., VirusTotal, DomainTools) data sources
· Document mapping and architecture between various integration points, document playbooks and actions they perform
· Design and/or develop new and enhance existing Phantom playbooks in Python.
· Work closely with SIEM Content Engineering service to ensure close alignment in the alerting and orchestration
· Work closely with the service architect to map integrations and dependencies across security tools (e.g., Splunk, Tanium, Anomali), JIRA, and APIs
· Conduct training sessions on new playbooks and integration with operations personnel
· Ensure proper documentation is created and maintained for playbooks, integrations, and interfaces
· Run daily agile sessions, sprint planning, and demos.
Our Ideal Candidate
· Minimum 5 years' experience in scripting or software development, with a preference for Python.
· 2+ years' experience with API development and integration across security appliances.
· Strong technical skills and good understanding of security technologies that support security operations (e.g., SIEM, Threat Intelligence Platform, Malware Analysis, Endpoint Detection and Response Solutions).
· Familiarity with microservices and cloud integration across platforms.
· Experience working with Splunk and strong understanding of Splunk SPL.
· Experience with SOAR platforms (e.g., Phantom, Demisto, Resilient).
· 1+ years' experience working with cloud services (e.g., AWS, Google Cloud, Azure).
· Demonstrated experience building automation tools, scripts, and automation of web services.
· Strong sense of personal ownership and responsibility in accomplishing the service line and function goals.
· Able to get things done in a fast-paced environment. Be transparent and open around what doesn't work and what does.
· Excellent organisational and leadership skills (successfully led and managed end-to-end technology services and/or technology operations) with the ability to manage multiple deadlines and prioritise effectively.
· Experience of developing an effective stakeholder strategy, influencing relevant stakeholders and decision makers, and executing decisions efficiently and consistently.
· Ability to lead and control programme and/or project management in the context of a significant amount of change.
· Excellent communication skills - oral, written and presentation; technical report writing for various types of target audiences.
Apply now to join the Bank for those with big career ambitions.