SOAR Engineer / Security Automation EngineerThe hiring manager is looking for a Security Automation platform engineer with 3+ years of experience, who embodies a true passion for cyber security and approaches platform engineering with a curious mindset. Essential qualifications include a solid working knowledge of Linux systems and proficiency inDocker/Podman, Elastic Search and Python.This role is situated within our Security Operation Centre (SOC), offering an exciting opportunity for the chosen candidate to contribute their expertise to a dynamic environment dedicated to upholding robust security measures.You will collaborate with technologists from across the business including infrastructure engineers, architects, developers, and security analysts. You will focus on deploying a resilient platform to support CIRT team, maintaining/upgrading our SOAR platform, developing playbooks, as well as integrations to automate manual efforts that cuts across several security pillars (endpoint protection, data protection, network & application security, email protection, cloud and identity access management).Responsibilities:>Develop playbooks and automation in SOAR with analysts to improve efficiency of the SOC>Design and develop integrations to connect to internal and external services.>Monitor and support SOAR platform.>Work alongside incident response analysts to improve the automated response to security incidents.>Research techniques to improve resiliency of our platform.>Develop automation scripts to meet the requirements of the CIRT team.#LI-SK1Required Skills & QualificationsSoft skills>Passionate interest in cyber security>Strong interpersonal skills and ability to communicate complex ideas to all levels of the business.>Curiosity, enthusiasm, a pro-active attitude and a personal development drive.>Good team collaboration skills, and an excellent independent worker>Ability to multi-task and prioritize work effectively.Technical Skills>Hands-on experience with multiple programming/scripting languages, including Python and Bash>Good understanding of a variety of network and security appliances including SIEM, IDS, etc>Experience managing complex security solutions in large enterprise environments.>Bachelor Degree in Computer Science, Engineering, or any related discipline; or equivalent combination of work experience and certifications.>Good understanding of HTTP, REST APIs, JSON>Good working knowledge of Linux administration>Demonstrated experience with Regex and data parsing.>Experience using Git for code review and version control** You will be required to be on-site at least three days a week.Desired Job Skills>1-2 years experience working within a Security Operation Centre (SOC)>Experience with other relevant SOAR platforms>Experience with multiple cloud technologies and security appliances>Awareness of networking protocols and technologies>Security tool FAQ and Support Documentation>Hands-on experience with other SOAR platforms>Good knowledge of public cloud>Experience creating playbooks to respond to security incidents>Familiarity with ansibleMorgan Stanley's goal is to build and maintain a workforce that is diverse in experience and background but uniform in reflecting our standards of integrity and excellence. Consequently, our recruiting efforts reflect our desire to attract and retain the best and brightest from all talent pools. We want to be the first choice for prospective employees.It is the policy of the Firm to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, creed, age, sex, sex stereotype, gender, gender identity or expression, transgender, sexual orientation, national origin, citizenship, disability, marital and civil partnership/union status, pregnancy, veteran or military service status, genetic information, or any other characteristic protected by law.Morgan Stanley is an equal opportunity employer committed to diversifying its workforce (M/F/Disability/Vet).#LI-SK1
