We are seeking a Lead SOAR Automation Developer to drive the design, development, and optimization of automation workflows within our Security Orchestration, Automation, and Response (SOAR) platform. As a technical leader on the team, you will provide expert-level guidance in identifying innovative automation opportunities within SOC operations, leveraging advanced orchestration techniques to enhance detection, triage, and response workflows. You will also mentor and upskill team members in SOAR development and automation best practices.
Responsibilities:
- Design, implement, and maintain SOAR playbooks to automate routine security tasks and incident response processes.
- Contribute to the strategic roadmap of the SOAR platform, including the expansion of automation capabilities.
- Develop and maintain integrations between the SOAR platform and various security tools such as SIEM, EDR, DLP and threat intelligence feeds.
- Collaborate with CSOC teams to identify automation opportunities and improve response times.
- Establish and enforce best practices for playbook design, code quality, and documentation.
- Work with cross-functional teams to gather requirements, design solutions, and ensure alignment with business objectives.
- Develop metrics to measure the effectiveness of automated workflows and identify areas of improvement.
- Provide training and documentation to CSOC analysts and other stakeholders on SOAR platform capabilities and playbook usage.
- Provide expert-level technical support to maintain our SOAR platform.
- Contribute to the growth and mentorship of other team members.
Qualifications:
- Undergraduate degree in Computer Science or Information Technology-related field or equivalent combination of training and experience.
- Proficiency in scripting and programming languages (e.g., Python, JavaScript, PowerShell)
- Experience with REST APIs, webhooks, JSON and/or web application development.
- Familiarity with development workflows and patterns
- Strong problem-solving and analytical skills
- Demonstrated ability to lead projects, drive solutions, and communicate effectively with technical and non-technical stakeholders.
- Strong understanding of cybersecurity concepts
- Experience with SOAR platforms (e.g., Tines, Splunk SOAR, Cortex XSOAR).
- Experience in security automation, incident response, or related fields.
- Experience with cloud environments (AWS, Azure, GCP)
- Relevant cybersecurity certifications
Special Factors
Sponsorship
Vanguard is not offering visa sponsorship for this position.
About Vanguard
At Vanguard, we don't just have a mission - we're on a mission.
To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.
How We Work
Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.
