Urgent for-Senior Software Engineer

Job Description

The Role Responsibilities Job Summary
• Support the delivery and contribute to maturing the Security Monitoring and Analytics automation strategy.
• Lead development activities as part of the SOAR project are delivered on time and according to requirements.
• Work closely with CSS service lines to identify, document, and implement use case requirements and playbooks for automation initiatives.
• Responsible for the architectural design of orchestration capabilities within the Security Monitoring and Analytics service in conjunction with the respective service managers across service lines and ensures all design patterns are appropriately documented and maintained in the corresponding repositories and these reflect both the current implementation and the intended target view.
• Responsible for the strategic evolution of the orchestration and automation capabilities within Security Monitoring and Analytics in alignment with changing business needs, threat land scape and technical requirements to increase the quality of the selected solutions concerning identify, protect, detect, respond & recovery domains.
• Develop fast, scalable and secure web based tools with modern web development techniques where process automation requires it keeping user expirence in mind.
• Build Web based tools using ReactJs wherever process automation requires user inputs.
• Build API integration for data enrichment across internal (e.g., CMDB, Active Directory) and external (e.g., VirusTotal, DomainTools) data sources.
• Build Web based Tools integration for data enrichment across internal (e.g., CMDB, Active Directory) and external (e.g., VirusTotal, DomainTools) data sources.
• Automate analysis, security testing, vulnerability discoveries, threat intelligence gathering and consuming threat feeds to track adversaries
• Leverage REST calls to various APIs for data enrichment and contexualize security alerts across internal (e.g., CMDB, Active Directory) and external (e.g., VirusTotal, DomainTools) data sources
• Document mapping and architecture between various integration points, document playbooks and actions they perform.
• Develop new and enhance existing Phantom playbooks in Python.
• Work closely with SIEM Content Engineering service to ensure close alignment in the alerting and orchestration.
• Work closely with service architect to map integrations and dependencies across security tools (e.g., Splunk, Tanium, Anomali), JIRA, and APIs.
• Conduct training sessions on new playbooks and integration with operations personnel.
• Ensure proper documentation is created and maintained for playbooks, integrations, and interfaces.
• Run daily agile sessions, sprint planning, and demos in the absence of product / program manager.
• Support the Cyber Threat Use Case Manager, Cyber Defence Analysts, and Threat Intel Analysts in designing and implementing threat use cases.
• Develop and gather requirements for threat use cases to detect adversary behaviours.
• Maintain the threat use case library to ensure use cases are properly enriched, mapped to Mitre Att&ck, and operating correctly.
• Work closely with Threat Intelligence, Cyber Defense Center, and business stakeholders to identify potential threat scenarios and translate them into threat use cases.
• Work closely with other service lines to continuously enhance threat use cases as new products, logs, and capabilities are introduced to the organization.
• Identify and improve orchestration, data enrichment and triage capabilities through SOAR platform.
• Ensure proper documentation is created and maintained for playbooks, integrations, and interfaces.
• The desired candidate is an organized, self-driven individual with a proven ability to achieve development objectives. They will have the ability to be successful while working independently or as part of a team and will be able to adapt quickly to shifts in priorities and/objectives. They will be passionate about learning and applying their technical skills and experiences to solve real-world problems, and possess strong listening, verbal, & written communication skills.
Responsibilities Strategy
• Lead development activities as part of the Case Management-SPOG project are delivered on time and according to requirements.
Business
• Work closely with CSS service lines to identify, document, and implement use case requirements and playbooks for automation initiatives.
Processes
• Document mapping and architecture between various integration points, document playbooks and actions they perform.
Risk Management
• Follow standard operating procedures defined by CSS SMA risk team
Governance
• Follow standard operating procedures defined for CSS SMA
Regulatory & Business Conduct
• Display exemplary conduct and live by the Group s Values and Code of Conduct .
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Lead to achieve the outcomes set out in the Bank s Conduct Principles : [Fair Outcomes for Clients; Effective Financial Markets; Financial Crime Compliance; The Right Environment.] *
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.
Key stakeholders
• Cyber Defence Centre (CDC)
• Security Monitoring & Analytics
• Other teams within Cyber Defence & Ops Technology
Our Ideal Candidate
• Minimum 5 year experience in full stack web development with a preference in Python language.
• Proficiency in Python Frameworks like Flask or Django.
• Strong UI Development Skills with CSS, HTML5, Javascript and UI Frameworks like ReactJS/AngularJS.
• Proficiency in working with one or more of the following components like RabbitMQ, Redis, Elastic Search / Splunk, PostgreSQL/MySQL, Nginx, Kong API Gateway.
• Experience with developing in Cloud Native Environments like Kubernetes / Openshift.
• Experience with OAuth2, OpenID and related authentication technologies used in securing web applications.
• Good understanding of security technologies that support security operations (e.g., SIEM, Threat Intelligence Platform, Malware Analysis, Endpoint Detection and Response Solutions)
• Experience with SOAR platforms (e.g. Phantom, Demisto, Reslient) Preferred.
• Experience with Splunk and strong understanding of Splunk SPL Preferred.
• Understanding of Cloud Services (AWS / Google / Azure).
• Understanding of Machine Learning Concepts.
• Must be motivated, independent and self-sufficient. Able to receive an assigned task and see it through to completion with minimal supervision.
• Excellent communication skills oral, written and presentation; technical reporting writing across various types of target audiences.
• Strong sense of personal ownership and responsibility in accomplishing the service line and function goals.
• Able to get things done in a fast-paced environment. Be transparent and open around what doesn t work and what does.
• Excellent organisational and leadership skills (successfully lead and managed end-to-end technology services and or technology operations) with ability to manage multiple deadlines and effectively prioritise.
• Experience of developing an effective stakeholder strategy, influencing relevant stakeholders and decision makers, and executing decisions efficiently and consistently.
Role Specific Technical Skills And Competencies
• Web Development with HTML, CSS, Javascript
• Python Flask / Django / FastAPI
• ReactJs / AngularJs Javascript Frameworks
• Authentication / Authorization with OAuth2 / OpenID
• Data Engineering Tools like Airflow, Apache Spark (Databricks)
• Cloud Native Environments like Kubernetes / Openshift
• Machine Learning Exposure / AIOps
,

Keyskills :
sql serverjavasqlcustomer relationsjavascriptstandard operating proceduresuse casesapache sparkcyber defenseui developmentweb development