Jobs

Interviews
Job Alerts
Tools

Upskill and Grow with AI

Mock Interview Practice interviews in realistic simulations

Coding Practice Improve your coding skills with challenges

Certification Earn certifications to validate your skills

AI Learning Get trained with AI expert sessions

Career Path AI insights for smarter career decisions

AI Job Match Score AI-Powered Job Match Against Your Resume and Optimize Your Resume

Career Tools and Resources

Resume Builder Build Professional Resume with Ease

ATS Friendliness Check Check Resume Friendliness for Applicant Tracking Systems

Auto Apply Apply to hundreds of jobs on any platform effortlessly

Co-Pilot (Chrome Extension) Your AI Assistant for Seamless Browsing Efficiency

Interview Questions Streamline interviews with ready-to-use questions

Salaries Discover market-driven salary insights across skillsets and geographies

Companies Explore leading companies actively hiring talent
For Employers

Home
>
Jobs in mumbai
>
IBM
>
Security Consultant - SIEM L3

Security Consultant - SIEM L3

IBM

6 - 11 years

9 - 14 Lacs

mumbai

Posted:3 days ago| Platform:

Apply

Skills Required

documentation rest python configuring endpoint security cloud security cyber security api integration soc microsoft azure siem cloud api incident response edr security engineering active directory gcp firewall threat hunting json aws

Work Mode

Work from Office

Job Type

Full Time

Job Description

Key Responsibilities

Platform Strategy & Engineering:

Act as the Subject Matter Expert (SME) and technical owner for the Cortex XSIAM, XSOAR, and XDR platforms.

Implement, and manage the entire Cortex ecosystem, ensuring seamless integration and data flow between XDR, XSOAR, and XSIAM.

Lead platform upgrades, performance tuning, and capacity planning to maintain a highly available and scalable security infrastructure.
Develop and enforce governance models, including user roles, access controls, and operational procedures.

Security Automation & Orchestration (XSOAR):

Design and deploy sophisticated automation playbooks in XSOAR to automate incident triage, investigation, and response across the enterprise.
Develop custom integrations using Python, REST APIs, and other methods to connect XSOAR with IT, cloud, and security systems (e.g., ITSM, Firewalls, Cloud IAM, Email Security).
Continuously refine and optimize automation playbooks to reduce manual tasks for the SOC, minimizing Mean Time to Respond (MTTR).
Create and maintain comprehensive documentation for all automations and integrations.

Extended Detection & Response (XDR) & Network Traffic Analysis (NTA):

Manage and optimize the Cortex XDR deployment for prevention, detection, and response across endpoints.

Configure and fine-tune the PaloAlto NTA platform to monitor network traffic, detect anomalous behavior, and identify devices.

Correlate endpoint data from XDR with network-level insights from NTA to build a multi-layered understanding of attacks.

Perform deep-dive investigations and threat hunts using the combined power of EDR and NTA telemetry.

Unified Data & Analytics (XSIAM):

Leverage XSIAM as the central data lake for security analytics, ensuring optimal data ingestion and normalization from XDR, XSOAR, and other sources.
Fine-tune high-fidelity detection rules using XQL (XSIAM Query Language) to identify advanced threats that span endpoints, network, and cloud.
Exploit the integrated AI/ML capabilities within XSIAM to uncover stealthy attack patterns and perform cross-correlation analysis.

Collaboration & Leadership:

Mentor SOC analysts and L2 engineers on effective use of the Cortex platform for investigation and response.
Translate threat intelligence and analyst workflows into technical requirements and platform enhancements.
Lead projects to enhance our security posture through the adoption of new Cortex features and capabilities.

Required education

Bachelor''s Degree

Preferred education

Master''s Degree

Required technical and professional expertise

Required Qualifications & Experience

6+ years
of hands-on experience in cybersecurity, with a focus on security engineering, SOC automation, or incident response.
3+ years
of proven, deep technical experience with the
Palo Alto Cortex
platform, specifically:
- XSOAR:
  Demonstrable experience in developing and coding complex playbooks. Proficiency with the XSOAR development environment is a must.
- XDR:
  Strong hands-on experience in managing the endpoint security platform, including policy configuration, agent troubleshooting, and incident analysis.
- XSIAM:
  Practical experience with data ingestion, writing XQL queries, and building custom detection rules.

NTA:

Good programming/scripting skills in
Python
for developing custom automations and API integrations will have added advantage.
Better understanding of REST APIs, JSON, and data structures.
Knowledge of modern attack vectors, the MITRE ATT&CK framework, and the incident response lifecycle.
Experience with cloud security concepts and platforms (AWS, Azure, or GCP).

Preferred technical and professional experience

Preferred Qualifications

Atleast one mandatory certification require or more Palo Alto Networks certifications:
- PCCSE
  (Cortex Certified Security Engineer)
- PCXSA
  (Cortex XSOAR Certified Automation Engineer)
- PCXSI
  (Cortex XSIAM Certified Administrator)
- PCDRA
  (Cortex XDR Certified Administrator)
Experience integrating security tools with IT infrastructure (e.g., Active Directory, SIEM, Proxies, Cloud APIs).
Excellent communication and documentation skills, with the ability to explain complex technical concepts to a variety of audiences.

More Jobs at IBM

Delivery Manager - RISK & Compliance - AML

Bengaluru

3 - 5 yrs

INR 5 - 7 Lacs

Delivery Manager-HUMAN Resources Operations

Bengaluru

6 - 10 yrs

INR 11 - 16 Lacs

Application Developer-Java & Web Technologies

Hyderabad

2 - 5 yrs

INR 7 - 11 Lacs

Deputy Manager Data Engineer - Analytics

Bengaluru

4 - 7 yrs

INR 10 - 15 Lacs

Data Scientist-Artificial Intelligence

Bengaluru

3 - 7 yrs

INR 14 - 18 Lacs

Mock Interview

Practice Video Interview with JobPe AI

Start Python Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.

Job Application AI Bot

Apply to 20+ Portals in one click

Download Now

Download the Mobile App

Instantly access job listings, apply easily, and track applications.

Enhance Your Python Skills

Practice Python coding challenges to boost your skills

Start Practicing Python Now

IBM

Information Technology

Armonk

Before You Leave... Find Your Perfect Job!

Login to

Please Verify Your Phone or Email

Confirm Action

Contact Us

Security Consultant - SIEM L3

Experience & Salary

Skills Required

Work Mode

Job Type

Job Description

Key Responsibilities

Platform Strategy & Engineering:

Security Automation & Orchestration (XSOAR):

Extended Detection & Response (XDR) & Network Traffic Analysis (NTA):

Unified Data & Analytics (XSIAM):

Collaboration & Leadership:

Required Qualifications & Experience

6+ years

3+ years

Palo Alto Cortex

XSOAR:

XDR:

XSIAM:

NTA:

Python

Preferred Qualifications

PCCSE

PCXSA

PCXSI

PCDRA

More Jobs at IBM