Title: XSOAR Developer

Duration: 6 months to start

Location: Toronto, ON

Summary:

This is a team of Technology partners of information security. This team supports tools info sec uses for Incident management, investigations, etc, Currently, they are implementing Palo Alto XSOAR as replacement for SOAR product. Project is going on, completed 6 months, just completed pilot, and in production to then move to a full-live. Project is in multiple phases. They’re going into phase 2 in November and they need additional hands.

This role is Developer role.

Day to Day:

• Writing playbooks, scripts, layouts, integrations -key 
• Deploying to different environments, supporting testing, supporting the production, implementation
• Working a as team member on a team, working on user stories (that are already lined up for second phase)

Must Haves:

• 3-4 years of core development experience
• 1-2 years of XSOAR experience, ideally developer experience working with the tool.
• Experience deploying and managing solutions and applications in a complex environment
• In-depth experience working in automation, playbooks, scripting using Python
• As long as person can write playbooks within excel. Tool comes with a lot of out of box playbooks, all depending on specific
• Doing scripting form within the platform – python. Use built in functionalities of the Palo Alto XSOAR tool
• Experience developing and using various API types, including REST and SOAP, different authentication mechanisms, and scaling
• Experience with Integrations using XML, JSON, feed files, and JDBC

Plusses:

• DevOps Tools including: Git, Artifactory, GitHub Actions, Azure DevOps, JIRA, Ansible
• Develop user friendly UI layouts and Data modelling, ETL, SQL, KQL
• Working knowledge on Azure App Service, Azure Functions, Azure APIM, Azure BLOB, Docker containerization, Key Vault integrations 
• Good command on common Linux utilities and commands. managing processes, and troubleshooting issues.
• Understanding TCP/IP, basic networking protocols such as IP, DNS, HTTP, FTP, SMTP, etc., and security solutions including end point protection, XDR, network/host-based firewalls, DLP, web proxies, and troubleshooting network issues
• Knowledge of Log management, SIEM and SOAR solutions such as Devo, ArcSight, MS Sentinel, FortiSOAR, XSOAR are strong assets
• Problem resolution and troubleshooting – can drive investigations independently, develop POC solutions and take those to design and implementation with little or no supervision.