SOAR DevOps expertise within a CSIRT

15. Working standing up desk


Our service was provided in the CSIRT of a leader in the banking sector. The service tasks involved were as follows:

  • Develop and maintain the alert and SOAR (Security Orchestration Automation and Response) platform from development to monitoring in production;
  • Deploy and adapt this platform for the different regional and security business units;
  • Gather development needs from CSIRT members and from other security teams;
  • Integrate the various security tools into the platform;
  • Develop, test, implement and maintain
  • Document the platform (code, infrastructure) and define the roadmap.

The keys to success

Security expertise and an advanced understanding of security production issues in banking;
Proven DevOps expertise on high-volume security monitoring infrastructures;
Good interpersonal skills and excellent ability to adapt to deal with a large number of contact persons and address the complexity of the customer's organisation;
Good communication skills to support change management in projects.