Leidos - Ashburn, VA

posted 3 months ago

Full-time
Ashburn, VA
Professional, Scientific, and Technical Services

About the position

The U.S. Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a critical U.S. Government program dedicated to preventing, identifying, containing, and eradicating cyber threats to CBP networks. This is achieved through comprehensive monitoring, intrusion detection, and protective security services for CBP information systems, which encompass local area networks (LAN), wide area networks (WAN), commercial Internet connections, public-facing websites, wireless and mobile/cellular networks, cloud services, security devices, servers, and workstations. The CBP SOC is tasked with ensuring the overall security of CBP's enterprise-wide information systems, actively collecting, investigating, and reporting any suspected or confirmed security violations.

Leidos is seeking a skilled Python Developer/Automation Engineer to join our highly technical Operations Enhancement team that supports the U.S. Customs and Border Protection (CBP). In this role, you will be responsible for developing, testing, and maintaining scripts and code that automate workflows, processes, and tasks within the Security Orchestration, Automation, and Response (SOAR) platform, which is essential for the effective operation of the CBP SOC. Your contributions will directly impact the efficiency and effectiveness of security operations, ensuring that the SOC can respond swiftly and effectively to cyber threats.

As a Python Developer/Automation Engineer, you will author, test, and maintain automation scripts and workflows within the SOAR platform. You will design, implement, and maintain efficient and reusable Python code, review and debug technical issues throughout all stages of the Software Development Life Cycle (SDLC), and integrate the SOAR platform with other security tools and APIs to execute automated workflows. Collaboration with System Administrators, Engineers, and Information System Security Officers (ISSOs) will be crucial as you provision service accounts and grant necessary permissions. Additionally, you will assist in process development and improvement for Security Operations, which includes creating and modifying Standard Operating Procedures (SOPs), playbooks, and work instructions. You will also measure the effectiveness of process improvements and automation efforts through metrics and Key Performance Indicators (KPIs).

Responsibilities

  • Author, test, and maintain automation scripts/workflows within the SOAR platform.
  • Design, implement, and maintain efficient and reusable Python code.
  • Review, debug, and resolve technical issues throughout all stages of SDLC.
  • Integrate the SOAR platform with other security tools and APIs to execute automated workflows.
  • Coordinate with System Administrators, Engineers, and ISSOs to provision service accounts and/or grant required permissions.
  • Assist with process development and process improvement for Security Operations, including creation/modification of SOPs, playbooks, and work instructions.
  • Measure effectiveness of process improvement and automation efforts via metrics and KPIs.

Requirements

  • Expert proficiency with Python.
  • Working knowledge of SOAP/REST APIs, JSON, HTML/CSS, JavaScript, XML.
  • Experience with SOAR platforms such as Swimlane, Phantom, Demisto, etc.
  • Experience as a SOC Analyst and/or Incident Responder.
  • Authored SOC SOPs, playbooks, work instructions and/or other process documents.
  • Familiarity with Splunk Search Processing Language (SPL) and/or Elastic Domain Specific Language (DSL).
  • General networking knowledge, including the operation of routers, firewalls, DNS, DHCP, subnetting, VPNs, and web proxies.

Nice-to-haves

  • 2 years of experience serving as a SOC Analyst or Incident Responder.