Sr. Soar Engineer

Job Description

The WBD SOAR Team enhances the efficiency of the WBD CSOC by managing and optimizing our ticketing and SOAR platform. The Cybersecurity Security Operations Center (CSOC) operates 24/7/365, providing continuous monitoring, detection, and incident response across WBD's network infrastructure, web applications, and endpoints. This role is responsible for supporting the CSOC by developing security tool integrations, automations, scripts, and playbook content within the SOAR platform, enabling faster, more effective incident response and investigative capabilities for the CSOC and IR teams.

Your Role Responsibilities:
• Serve as a technical engineer with a strong security operations background, driving the SOAR development lifecycle to support security operations and IR teams.
• Develop and maintain SOAR playbooks with a deep understanding of logic flows and automation processes.
• Apply expertise in CSOC workflows to enhance operational efficiency and response capabilities.
• Write, test, and maintain automation scripts and workflows within the SOAR platform.
• Author and maintain documentation for all scripts, integrations, and workflows.
• Design, implement, and standardize efficient and reusable Python code or other relevant programming languages.
• Review, test, debug, and resolve technical issues throughout all stages of the Software Development Life Cycle.
• Translate CSOC and IR requirements into actionable technical data and integration solutions for the SOAR platform.
• Develop API solutions that enhance efficiency and streamline operations for CSOC/IR teams and other business units.
• Design, test, and implement new playbooks for the Cybersecurity Operations Center.
• Collaborate with CSOC/IR leadership to gather SOAR requirements, prioritize enhancements, and define strategic improvements.
• Work closely with CSOC/IR teams to review and validate integrations, workflows, and scripts to ensure desired outcomes.
• Implement technical modifications to integrations, scripts, and workflows based on user feedback and evolving operational needs.

Qualifications & Experiences:
• 3-5 years of Technical Cybersecurity experience in Incident Response, Security Operations, Threat Intelligence, etc.
• Strong understanding of a variety of security tools and technologies (IDS/IPS, EDR, XDR, SIEM, Vuln Mgmt., etc.)
• Experience with scripting such as BASH, PowerShell, and Python.
• Strong RegEx/PCRE experience
• Ability to multi-task and prioritize work effectively.
• A track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
• Demonstrated exceptional written and verbal communication skills.
• Excellent interpersonal skills and the ability to work effectively with people in a wide range of levels.
• Experience administering Amazon Web Services (AWS) and/or Microsoft Azure.
• Familiarity with infrastructure as code tools, such as Terraform or CloudFormation.
• Experience deploying and correlating threat intelligence and vulnerability management solutions.

Not Required but preferred experience:
• Prior experience developing automation workflows
• Prior experience working with CI/CD pipelines and managing items in GitHub repositories
• Familiarity with streaming platforms and consumer services
• Experience working in a national or global company

Championing Inclusion at WBD
Warner Bros. Discovery embraces the opportunity to build a workforce that reflects a wide array of perspectives, backgrounds and experiences. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, mental or physical disability, and genetic information, marital status, citizenship status, military status, protected veteran status or any other category protected by law.

If you're a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our accessibility page for instructions to submit your request.

Jobcode: Reference SBJ-wp4x2k-18-222-58-240-42 in your application.