Security Orchestration, Automation and Response (SOAR) SME in San Antonio, TX at Alion Science and Technology

Date Posted: 10/11/2019

Job Description

The candidate will serve as the on-site SOAR SME for integration of capacities related to USAF utilization of SOAR systems with JRSS and legacy AF systems. The candidate will monitor and report on the status of all SOAR efforts, in particular Demisto, including the use of Demisto capabilities tailored to meet USAF requirements. The role requires daily interaction with vendor personnel to ensure the full range of capabilities is leveraged to meet USAF mission requirements, with a goal of automation to improve identification and response times and to reduce impact should an incident occur. The candidate will be expected to analyze the latest attack vectors and indicators of compromise and develop approaches to detect them across the USAF’s diverse environment and endpoints. The position is full-time during normal duty hours at Joint Base San Antonio. Travel (less than 25%) is required for this position.

Job Requirements:

  • 8+ years’ experience in Information Security Engineering and/or Operations
  • Experience working with SIEM log aggregation, orchestration platforms (Demisto, Phantom, etc.), Elastic tools (Kibana, Search, Logstash, etc.), open-source security software and general data management concepts
  • Experience with object-oriented languages such as Python, JS, Go, etc.
  • Knowledge of general concepts around risk and threat management and associated frameworks and standards (NIST, OWASP, ISO, etc.)
  • Ability to write Demisto scripts, troubleshoot, train and support any other technical requests
  • Comfortable working in Linux/BSD environments

Preferred Qualifications:

  • Bachelor’s or advanced degree in one of the following areas: Computer Science, Computer Engineering, Software Engineering, Electrical Engineering, Computer and Information Security, Computer Security, and/or Network Administration from an accredited university/college
  • Knowledge of TCP/IP protocols and deeper knowledge of application layer (L7) protocols like HTTP, FTP, DNS, etc.
  • Deconstruction and analysis of network-based vulnerabilities and exploits
  • Experience in customer-facing roles
  • Experience as a Security Incident Responder or SOC analyst/manager

Next Steps

Join the Alion Talent Network today and stay up-to-date on our openings as they continue to become available! As a member of our network, you will receive alerts with new job opportunities that match your interests and have the ability to share job opportunities through social media or email. Join now!

Whether you choose to apply or just leave your information, we look forward to staying connected with you.