SOAR Automation Engineer

About the position

The SOAR Automation Engineer at Global Payments will be responsible for designing, building, and managing automated workflows to enhance the efficiency and effectiveness of the Cyber Security division. This role involves developing and maintaining automated responses to both common and complex security threats, optimizing the incident response process, and ensuring streamlined operations across the organization's global payment ecosystem.

Responsibilities

• Create and implement SOAR playbooks for various security use cases, including phishing, malware analysis, insider threat response, and other automated processes required across Cyber Security.
• Work with teams in SOC, SIEM, Insider Threat, and Incident Response to gather requirements and ensure that automation aligns with security needs and business objectives.
• Oversee the SOAR platform, optimizing integrations with other security tools and maintaining robust performance through updates and customizations.
• Identify opportunities for further automation to reduce manual workloads, speed up response times, and enable teams to prioritize high-impact threats.
• Provide guidance to junior team members by sharing SOAR best practices, troubleshooting techniques, and fostering a culture of continuous improvement.
• Track SOAR platform performance, report on efficiency gains, and provide insights on ROI from automation efforts.

Requirements

• Hands-on experience with SOAR platforms (e.g., Palo Alto Cortex XSOAR, Splunk Phantom, IBM Resilient).
• Understanding of incident response, particularly in high-stakes environments like financial or global payments.
• Proficiency in Python, JavaScript, or other languages commonly used in SOAR playbook development.
• Experience with SIEM, EDR, threat intelligence, and other tools commonly integrated into SOAR.
• Ability to translate technical requirements into actionable automation solutions for stakeholders across Cyber Security.
• Highly analytical mindset with strong problem-solving abilities, able to troubleshoot complex technical issues.
• Strong organizational skills and experience managing multiple projects, ensuring timely and efficient completion of automation initiatives.
• Precision in creating workflows and playbooks, ensuring accurate and reliable automation of security responses.
• Excellent interpersonal skills to work effectively with diverse teams and stakeholders within Cyber Security and beyond.

Nice-to-haves

• Relevant industry certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Certified Incident Handler (GCIH), or certifications specific to SOAR platforms like Palo Alto or Splunk.

Benefits

• Medical, dental and vision care
• EAP programs
• Paid time off
• Recognition programs
• Retirement and investment options
• Charitable gift matching programs
• Worldwide days of service