SOAR Playbook Developer

Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.

We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us!

Job Description

Job Description

Position Summary

As a Cybersecurity Playbook Developer, you will play a critical role in developing and maintaining automation playbooks, integrations, and other custom applications within the SOAR platform.  These playbooks will automate SOC analyst tasks needed to identify to multiple security incidents. You will collaborate closely with the SOC team to gather requirements and ensure playbooks are accurate, efficient, and reflect the latest security threats and best practices. Additional responsibilities will include supporting process improvement activities for the SOC incident response and ensuring quality and compliance to security best practices. 

Responsibilities:

Develop and maintain SOAR playbooks for automating security workflows and incident response.

Integrate SOAR with other security tools and platforms.

Create custom scripts to enhance SOAR functionality.

Troubleshoot and resolve SOAR issues.

Stay updated on SOAR features and best practices.

Test playbooks in DEV/QA environments.

Design and implement OT network solutions.

Configure and optimize network components.

Monitor network performance and ensure security.

Document network topologies and changes.

Collaborate with external service providers and our teams.

This position will report to the Execution Manager.

MUST Technical Skills:

Strong understanding of security technologies used in a SOC environment(SIEM, EDR, firewalls, and vulnerability management).

Experience with Cortex xSOAR (preferred) or other security orchestration platforms.

Experience with security concepts, frameworks (MITRE ATT&CK, etc.), and incident response methodologies.

Scripting and automation skills (Python, JavaScript, PowerShell).

Qualifications:

Minimum 4+ years in cybersecurity or related field.Experience with Cortex xSOAR or similar platforms.

Programming skills in Python or other scripting languages.

Knowledge of security concepts, frameworks, and incident response.

Familiarity with SOC tools (SIEM, EDR) are an added advantage.

Experience as a system engineer in OT networks.

Knowledge of network architectures, protocols, and technologies.

Certifications in Cisco, Fortinet, or similar are an added advantage.

Required Technical Skill:

Develop SOAR playbooks to automate security workflows and incident response processes.

Manage integrations between SOAR and other security tools and platforms.

Develop custom scripts and tasks to enhance the functionality of SOAR.

Help troubleshoot and resolve issues within the SOAR environment.

Collaborate with security analysts and engineers to understand their requirements.

Stay up-to-date with the latest SOAR features and best practices.

Help test playbooks in DEV\QA environments.

Certifications like CISSP, GSEC, CISM, or SOAR-specific certifications (Good To have).

Benefits:

• The ability to collaborate with, learn from colleagues in a complex, global organisation.
• We provide a working environment with a creative company, paired with a great compensation package, great benefits, and a supportive atmosphere where you can sharpen with new challenges and development opportunities.
• Corporate Social Responsibility opportunities.
• Support from our 24/7 employee assistance program.
• We are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles.

#LI-Hybrid

#LI-RS1

Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.