Jobs

Interviews
Job Alerts
Tools

Upskill and Grow with AI

Mock Interview Practice interviews in realistic simulations

Coding Practice Improve your coding skills with challenges

Certification Earn certifications to validate your skills

AI Learning Get trained with AI expert sessions

Career Path AI insights for smarter career decisions

AI Job Match Score AI-Powered Job Match Against Your Resume and Optimize Your Resume

Career Tools and Resources

Resume Builder Build Professional Resume with Ease

ATS Friendliness Check Check Resume Friendliness for Applicant Tracking Systems

Auto Apply Apply to hundreds of jobs on any platform effortlessly

Co-Pilot (Chrome Extension) Your AI Assistant for Seamless Browsing Efficiency

Interview Questions Streamline interviews with ready-to-use questions

Salaries Discover market-driven salary insights across skillsets and geographies

Companies Explore leading companies actively hiring talent
For Employers

Home
>
Jobs in mumbai
>
IBM
>
Security Consultant - SIEM L3

Security Consultant - SIEM L3

IBM

6 - 11 years

9 - 14 Lacs

mumbai

Posted:5 days ago| Platform:

Apply

Skills Required

siem rest python cloud security endpoint security soc security automation ai firewalls subject matter expert cybersecurity incident response automation iam active directory gcp mean json aws data lake it infrastructure azure

Work Mode

Work from Office

Job Type

Full Time

Job Description

Key Responsibilities

Platform Strategy & Engineering:

Act as the Subject Matter Expert (SME) and technical owner for the Cortex XSIAM, XSOAR, and XDR platforms.

Implement, and manage the entire Cortex ecosystem, ensuring seamless integration and data flow between XDR, XSOAR, and XSIAM.

Lead platform upgrades, performance tuning, and capacity planning to maintain a highly available and scalable security infrastructure.
Develop and enforce governance models, including user roles, access controls, and operational procedures.

Security Automation & Orchestration (XSOAR):

Design and deploy sophisticated automation playbooks in XSOAR to automate incident triage, investigation, and response across the enterprise.
Develop custom integrations using Python, REST APIs, and other methods to connect XSOAR with IT, cloud, and security systems (e.g., ITSM, Firewalls, Cloud IAM, Email Security).
Continuously refine and optimize automation playbooks to reduce manual tasks for the SOC, minimizing Mean Time to Respond (MTTR).
Create and maintain comprehensive documentation for all automations and integrations.

Extended Detection & Response (XDR) & Network Traffic Analysis (NTA):

Manage and optimize the Cortex XDR deployment for prevention, detection, and response across endpoints.

Configure and fine-tune the PaloAlto NTA platform to monitor network traffic, detect anomalous behavior, and identify devices.

Correlate endpoint data from XDR with network-level insights from NTA to build a multi-layered understanding of attacks.

Perform deep-dive investigations and threat hunts using the combined power of EDR and NTA telemetry.

Unified Data & Analytics (XSIAM):

Leverage XSIAM as the central data lake for security analytics, ensuring optimal data ingestion and normalization from XDR, XSOAR, and other sources.
Fine-tune high-fidelity detection rules using XQL (XSIAM Query Language) to identify advanced threats that span endpoints, network, and cloud.
Exploit the integrated AI/ML capabilities within XSIAM to uncover stealthy attack patterns and perform cross-correlation analysis.

Required education

Bachelor''s Degree

Preferred education

Master''s Degree

Required technical and professional expertise

Required skills: Required Qualifications & Experience

6+ years of hands-on experience in cybersecurity, with a focus on security engineering, SOC automation, or incident response.

3+ years of proven, deep technical experience with the Palo Alto Cortex platform, specifically:

XSOAR: Demonstrable experience in developing and coding complex playbooks. Proficiency with the XSOAR development environment is a must.

XDR: Strong hands-on experience in managing the endpoint security platform, including policy configuration, agent troubleshooting, and incident analysis.

XSIAM: Practical experience with data ingestion, writing XQL queries, and building custom detection rules.
o NTA: Demonstrable experience in deploying, configuring, and using a network traffic analysis tool for threat detection (Palo Alto NTA Security preferred).

Good programming/scripting skills in Python for developing custom automations and API integrations will have added advantage.

Better understanding of REST APIs, JSON, and data structures.

Knowledge of modern attack vectors, the MITRE ATT&CK framework, and the incident response lifecycle.

Experience with cloud security concepts and platforms (AWS, Azure, or GCP).

Preferred technical and professional experience

Preferred:

Atleast one mandatory certification require or more Palo Alto Networks certifications:

PCCSE (Cortex Certified Security Engineer)

PCXSA (Cortex XSOAR Certified Automation Engineer)

PCXSI (Cortex XSIAM Certified Administrator)

PCDRA (Cortex XDR Certified Administrator)

Experience integrating security tools with IT infrastructure (e.g., Active Directory, SIEM, Proxies, Cloud APIs).

Excellent communication and documentation skills, with the ability to explain complex technical concepts to a variety of audiences.

More Jobs at IBM

Delivery Manager - RISK & Compliance - AML

Bengaluru

3 - 5 yrs

INR 5 - 7 Lacs

Delivery Manager-HUMAN Resources Operations

Bengaluru

6 - 10 yrs

INR 11 - 16 Lacs

Application Developer-Java & Web Technologies

Hyderabad

2 - 5 yrs

INR 7 - 11 Lacs

Deputy Manager Data Engineer - Analytics

Bengaluru

4 - 7 yrs

INR 10 - 15 Lacs

Data Scientist-Artificial Intelligence

Bengaluru

3 - 7 yrs

INR 14 - 18 Lacs

Mock Interview

Practice Video Interview with JobPe AI

Start Python Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.

Job Application AI Bot

Apply to 20+ Portals in one click

Download Now

Download the Mobile App

Instantly access job listings, apply easily, and track applications.

Enhance Your Python Skills

Practice Python coding challenges to boost your skills

Start Practicing Python Now

IBM

Information Technology

Armonk

Login to

Please Verify Your Phone or Email

Confirm Action

Security Consultant - SIEM L3