7 Cortex XSOAR Jobs

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

5.0 - 7.0 years

0 Lacs

India

On-site

As a Security Engineer at Oracle Cloud Infrastructure (OCI), you will be at the forefront of designing and building secure cloud systems that support global business operations. You will drive the planning, implementation, and continual improvement of robust security architectures, leveraging automation, orchestration, and AI to protect network and computing environments. In this role, you will leverage Oracle Cloud services (OCI) and Palo Alto Networks Cortex XSOAR to deliver next-generation security automation. You will work closely with security operations, engineering, and compliance teams to ensure timely detection and mitigation of threats, while also streamlining and optimizing security workflows using cutting-edge tools and methodologies.

Key Responsibilities: Lead automation and orchestration of security processes, utilizing XSOAR to reduce manual efforts and accelerate incident response. Plan, design, and build security architecture for network, infrastructure, and cloud environments in OCI. Oversee implementation of enterprise security controls and solutions, ensuring adherence to Oracle's security policies and industry standards. Collaborate in the development and enhancement of incident response capabilities, contributing to playbook design, tool selection, and team training. Research, track, and manage information security threats and vulnerabilities, leveraging both technical analysis and threat intelligence. Participate in incident response, root cause analysis, and workflow optimization, coordinating with cross-functional teams and escalating as needed. Develop and maintain scripts, tools, and AI-powered solutions to automate security monitoring, alerting, and response processes. Continuously assess and enhance security controls in alignment with the latest industry trends, risks, and compliance mandates (e.g., ISO 27001, SOC 2, HITRUST, FedRAMP). Recommend and implement security control improvements across Oracle's business lines to ensure a strong, proactive security posture.

Required Qualifications: 5+ years of progressive experience in information security, with hands-on roles supporting enterprise engineering. Proven expertise designing and implementing large-scale security solutions in cloud-centric environments. Strong experience with programming and scripting (Python required). Substantial experience with security automation and orchestration frameworks, particularly Cortex XSOAR. In-depth knowledge of regulatory and compliance requirements (ISO 27001, SOC 2, HITRUST, FedRAMP) and application in cloud (SaaS, PaaS, and IaaS) operations. Familiarity with SDLC, DevSecOps practices, and modern CI/CD pipelines.

Preferred Qualifications: Master's degree or additional certifications (e.g., CISSP, CISM, CCSP, AWS/Azure Architect). Experience integrating AI/ML solutions into security operations. Demonstrated success developing and deploying automation tools to streamline SecOps. Experience using PAN XSOAR.

Career Level - IC3

Posted 6 days ago


5.0 - 7.0 years

0 Lacs

India

On-site

As a Security Engineer at Oracle Cloud Infrastructure (OCI), you will be at the forefront of designing and building secure cloud systems that support global business operations. You will drive the planning, implementation, and continual improvement of robust security architectures, leveraging automation, orchestration, and AI to protect network and computing environments. In this role, you will leverage Oracle Cloud services (OCI) and Palo Alto Networks Cortex XSOAR to deliver next-generation security automation. You will work closely with security operations, engineering, and compliance teams to ensure timely detection and mitigation of threats, while also streamlining and optimizing security workflows using cutting-edge tools and methodologies.

Key Responsibilities: Lead automation and orchestration of security processes, utilizing XSOAR to reduce manual efforts and accelerate incident response. Plan, design, and build security architecture for network, infrastructure, and cloud environments in OCI. Oversee implementation of enterprise security controls and solutions, ensuring adherence to Oracle's security policies and industry standards. Collaborate in the development and enhancement of incident response capabilities, contributing to playbook design, tool selection, and team training. Research, track, and manage information security threats and vulnerabilities, leveraging both technical analysis and threat intelligence. Participate in incident response, root cause analysis, and workflow optimization, coordinating with cross-functional teams and escalating as needed. Develop and maintain scripts, tools, and AI-powered solutions to automate security monitoring, alerting, and response processes. Continuously assess and enhance security controls in alignment with the latest industry trends, risks, and compliance mandates (e.g., ISO 27001, SOC 2, HITRUST, FedRAMP). Recommend and implement security control improvements across Oracle's business lines to ensure a strong, proactive security posture.

Required Qualifications: 5+ years of progressive experience in information security, with hands-on roles supporting enterprise engineering. Proven expertise designing and implementing large-scale security solutions in cloud-centric environments. Strong experience with programming and scripting (Python required). Substantial experience with security automation and orchestration frameworks, particularly Cortex XSOAR. In-depth knowledge of regulatory and compliance requirements (ISO 27001, SOC 2, HITRUST, FedRAMP) and application in cloud (SaaS, PaaS, and IaaS) operations. Familiarity with SDLC, DevSecOps practices, and modern CI/CD pipelines.

Preferred Qualifications: Master's degree or additional certifications (e.g., CISSP, CISM, CCSP, AWS/Azure Architect). Experience integrating AI/ML solutions into security operations. Demonstrated success developing and deploying automation tools to streamline SecOps. Experience using PAN XSOAR.

Career Level - IC3

Posted 1 week ago


5.0 - 7.0 years

0 Lacs

India

On-site

As a Security Engineer at Oracle Cloud Infrastructure (OCI), you will be at the forefront of designing and building secure cloud systems that support global business operations. You will drive the planning, implementation, and continual improvement of robust security architectures, leveraging automation, orchestration, and AI to protect network and computing environments. In this role, you will leverage Oracle Cloud services (OCI) and Palo Alto Networks Cortex XSOAR to deliver next-generation security automation. You will work closely with security operations, engineering, and compliance teams to ensure timely detection and mitigation of threats, while also streamlining and optimizing security workflows using cutting-edge tools and methodologies.

Key Responsibilities: Lead automation and orchestration of security processes, utilizing XSOAR to reduce manual efforts and accelerate incident response. Plan, design, and build security architecture for network, infrastructure, and cloud environments in OCI. Oversee implementation of enterprise security controls and solutions, ensuring adherence to Oracle's security policies and industry standards. Collaborate in the development and enhancement of incident response capabilities, contributing to playbook design, tool selection, and team training. Research, track, and manage information security threats and vulnerabilities, leveraging both technical analysis and threat intelligence. Participate in incident response, root cause analysis, and workflow optimization, coordinating with cross-functional teams and escalating as needed. Develop and maintain scripts, tools, and AI-powered solutions to automate security monitoring, alerting, and response processes. Continuously assess and enhance security controls in alignment with the latest industry trends, risks, and compliance mandates (e.g., ISO 27001, SOC 2, HITRUST, FedRAMP). Recommend and implement security control improvements across Oracle's business lines to ensure a strong, proactive security posture.

Required Qualifications: 5+ years of progressive experience in information security, with hands-on roles supporting enterprise engineering. Proven expertise designing and implementing large-scale security solutions in cloud-centric environments. Strong experience with programming and scripting (Python required). Substantial experience with security automation and orchestration frameworks, particularly Cortex XSOAR. In-depth knowledge of regulatory and compliance requirements (ISO 27001, SOC 2, HITRUST, FedRAMP) and application in cloud (SaaS, PaaS, and IaaS) operations. Familiarity with SDLC, DevSecOps practices, and modern CI/CD pipelines.

Preferred Qualifications: Master's degree or additional certifications (e.g., CISSP, CISM, CCSP, AWS/Azure Architect). Experience integrating AI/ML solutions into security operations. Demonstrated success developing and deploying automation tools to streamline SecOps. Experience using PAN XSOAR.

Career Level - IC3

Posted 1 week ago


3.0 - 8.0 years

1 - 6 Lacs

Bangalore Rural, Bengaluru

Work from Office

Hi,

This is in response to your profile uploaded on job portals. We have excellent job openings for XSOAR (Bangalore location) in an IT MNC. If you have already received this email, are not looking for a job change, or find it irrelevant, please ignore it.

Note: Only relevant and interested candidates should apply.

Job Description:

Skills: Cybersecurity, Azure Sentinel SIEM, MS Defender for Endpoints (EDR/ATP), AWS IAM, SOAR Concept, Fortinet FortiSOAR, Palo Alto Networks - Firewalls, Cortex XSOAR, Python.

We are seeking a Cybersecurity Analyst with 1-6 years of experience in fundamental cybersecurity concepts, including SIEM, EDR, IAM, and SOAR platforms. The ideal candidate should have a basic understanding of security automation and orchestration using platforms like FortiSOAR, Palo Alto XSOAR, and ThreatConnect (preferred). Experience with SOAR playbook creation, integration, etc. Additionally, knowledge of Python scripting for automation and security tasks will be an added advantage.

Those who have relevant experience and skills as mentioned above, please reply soon. Please provide the details below in your CV/mail before you send it to us.

Total Exp:
Relevant Exp:
Current Company:
Current CTC:
Expected CTC:
Current Location:
Preferred location: Bangalore
Notice Period:
DOB:
Degree:

Many thanks,
Regards,
Sreenivas
Sreenivasa.k@happiestminds.com

Posted 3 months ago


1.0 - 3.0 years

1 - 3 Lacs

Hyderabad / Secunderabad, Telangana, Telangana, India

On-site

In this vital role, you will collaborate closely with cybersecurity departments to identify and define automation requirements that streamline security processes and incident responses. You will create and refine automation playbooks using low-code platforms, integrate new and existing security tools, and develop custom APIs to ensure seamless inter-connectivity among systems. Additionally, you will engage in the selection and tuning of machine learning algorithms tailored to address specific security challenges faced by the organization. A key component of the role is to maintain up-to-date technical documentation and user guides to support the ongoing use and understanding of automated systems. As the Security Automation Engineer, you must also keep abreast of the latest cybersecurity trends and technologies, sharing insights and best practices with the team to continually enhance the organization's security posture.

Roles & Responsibilities: Create playbooks using a low-code platform to streamline security operations. Integrate new and existing security tools and platforms; design, code, and integrate custom APIs. Create technical documentation and user guides. Continuously monitor and maintain the automation platform and ensure that all systems and applications are up to date with the latest security patches and updates. Ensure compliance with relevant regulations (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001, NIST). Keep up to date with the latest security threats, trends, and technologies, and provide recommendations for improving security operations. Triage issues found by tools, external reports, and various tests, to accurately assess the real risks. Offer remediation guidance to partners for identified issues and serve as an escalation resource for developers as they reduce issues.

Basic Qualifications: Education and Experience: Master's degree and 1 to 3 years of directly related experience; OR Bachelor's degree and 3 to 5 years of directly related experience; OR Diploma and 7 to 9 years of directly related experience.

Must-Have Skills: Proficiency in Python scripting and automation. Experience with REST API technology. Experience with Linux is a MUST. Experience with Security Orchestration Automation and Response (SOAR) tools (e.g., Swimlane, Cortex XSOAR, etc.). Experience with development of automation playbooks and integrating multiple security tools to enhance efficiency and effectiveness.

Preferred Qualifications: Knowledge of cybersecurity frameworks, technologies, and best practices. Experience in risk management, incident response, and security governance. Knowledge of security architecture frameworks and principles.

Professional Certifications: CEH (preferred), CompTIA Security+ (preferred), RHCSA (preferred), CISSP (preferred).

Soft Skills: Excellent analytical and troubleshooting skills. Strong verbal and written communication skills. Ability to work effectively with global, virtual teams. High degree of initiative and self-motivation. Ability to manage multiple priorities successfully. Team-oriented, with a focus on achieving team goals. Strong presentation and public speaking skills.

Posted 3 months ago


1.0 - 3.0 years

3 - 7 Lacs

Hyderabad

Work from Office

What you will do

Role Description: In this vital role you will collaborate closely with cybersecurity departments to identify and define automation requirements that streamline security processes and incident responses. The engineer will create and refine automation playbooks using low-code platforms, integrate new and existing security tools, and develop custom APIs to ensure seamless inter-connectivity among systems. Additionally, the engineer will engage in the selection and tuning of machine learning algorithms tailored to address specific security challenges faced by the organization. A key component of the role is to maintain up-to-date technical documentation and user guides to support the ongoing use and understanding of automated systems. The Security Automation Engineer must also keep abreast of the latest cybersecurity trends and technologies, sharing insights and standard processes with the team to continually enhance the organization's security posture.

Roles & Responsibilities: Create playbooks using a low-code platform to streamline security operations. Integrate new and existing security tools and platforms; design, code, and integrate custom APIs. Create technical documentation and user guides. Continuously monitor and maintain the automation platform and ensure that all systems and applications are up to date with the latest security patches and updates. Ensure compliance with relevant regulations (e.g., GDPR, HIPAA) and industry standards (e.g., ISO 27001, NIST). Keep up to date with the latest security threats, trends, and technologies, and provide recommendations for improving security operations. Triage issues found by tools, external reports, and various tests, to accurately assess the real risks. Offer remediation guidance to partners for identified issues and serve as a customer concern resource for developers as they reduce issues.

What we expect of you

We are all different, yet we all use our unique contributions to serve patients.

Basic Qualifications: Master's degree and 1 to 3 years of directly related experience; OR Bachelor's degree and 3 to 5 years of directly related experience; OR Diploma and 7 to 9 years of directly related experience.

Must-Have Skills: Proficiency in Python scripting and automation. Experience with REST API technology. Experience with Linux is a MUST. Experience with Security Orchestration Automation and Response (SOAR) tools (e.g., Swimlane, Cortex XSOAR, etc.). Experience with development of automation playbooks and integrating multiple security tools to enhance efficiency and effectiveness.

Preferred Qualifications: Knowledge of cybersecurity frameworks, technologies, and standard methodologies. Experience in risk management, incident response, and security governance. Knowledge of security architecture frameworks and principles.

Professional Certifications: CEH (preferred), CompTIA Security+ (preferred), RHCSA (preferred), CISSP (preferred).

Soft Skills: Excellent analytical and troubleshooting skills. Strong verbal and written communication skills. Ability to work effectively with global, virtual teams. High degree of initiative and self-motivation. Ability to manage multiple priorities successfully. Team-oriented, with a focus on achieving team goals. Strong presentation and public speaking skills.

Posted 3 months ago


2.0 - 5.0 years

6 - 9 Lacs

Kochi

Work from Office

Investigate, hunt, and lead escalated incident response using advanced threat detection from SIEM, EDR, NDR platforms. Develop and manage custom detection use cases aligned to threat frameworks and customer environments.

Key Responsibilities:

Monitoring, Investigation & Triage: Triage and correlate alerts from SIEM (QRadar/Sentinel), EDR, and NDR. Identify lateral movement, C2 activity, and data exfiltration. Lead incident investigations and initiate containment measures.

Threat Hunting & Detection Engineering: Proactive hunting using logs, flow data, and behavior analytics. Apply MITRE ATT&CK for hypothesis-driven hunts. Develop, test, and optimize custom detection rules. Maintain a backlog aligned with emerging threats.

Tool Proficiency: SIEM: Advanced KQL/AQL queries, rule tuning, alert optimization. EDR: Defender for Endpoint binary/process analysis, endpoint containment. NDR: Darktrace/LinkShadow behavioral baselining, detection logic. SOAR: Sentinel Playbooks / Cortex XSOAR for automated workflows. Cloud Security: Azure AD alerts, MCAS, Defender for Cloud, M365 Defender.

Threat Intelligence Integration: IOC/TTP enrichment. Threat intel feed integration. Contextual alert correlation.

Reporting & RCA: Draft technical incident reports and RCAs. Executive-level summaries for major incidents.

Cloud Security (Optional): Investigate alerts like impossible travel, app consent abuse. Respond to cloud-native security incidents using Defender for Cloud, MCAS. Create advanced SOAR workflows and playbooks.

Tool Familiarity: QRadar; Microsoft Sentinel; Microsoft Defender for Endpoint; LinkShadow or Darktrace; EOP/Exchange protection; Antivirus platforms; Defender for Identity / Defender for Cloud; Advanced SOAR workflows (Sentinel playbooks / Cortex XSOAR); Network forensic tools like Wireshark / Zeek.

Certifications (Preferred): GCIH / GCIA / CEH; Microsoft SC-200 / SC-100; QRadar Admin or equivalent.

Shift Readiness: 24x7 rotational shifts, including on-call support for escalations and major incidents.

Soft Skills: Strong analytical and documentation skills. Proactive communicator. Independent problem-solver and critical thinker.

Posted 3 months ago
