
21 Xsoar Jobs

JobPe aggregates results for easy application access, but you actually apply on the job portal directly.

2.0 - 5.0 years

5 - 13 Lacs

mumbai, gurugram, delhi / ncr

Hybrid

Job description: Job Title: SOAR Automation Engineer Location: Delhi, India Experience: 2-5 years Employment Type: Full-Time Joining: Immediate Job Summary: We are seeking a skilled SOAR Automation Engineer to enhance our cybersecurity operations through automation and orchestration. The ideal candidate will have hands-on experience in SOAR platforms, strong programming expertise, and the ability to develop and optimize playbooks for threat detection and incident response. If you're ready to contribute immediately to cutting-edge security automation, we want you on our team! Key Responsibilities: Develop, customize, and implement SOAR automation workflows using platforms like XSOAR, Google SOAR, IBM SOAR, and Splunk SOAR Design and optimize security playbooks for efficient incident response and threat mitigation Integrate SOAR tools with ServiceNow and other ITSM/security systems Write and maintain Python, JavaScript, and Shell scripting for automation processes Collaborate with cybersecurity analysts to refine security automation strategies Debug and troubleshoot SOAR implementations for optimal performance Stay updated with industry trends in SOAR automation, cybersecurity, and threat intelligence Required Skills & Qualifications: 2-5 years of experience in security automation and programming Strong expertise in SOAR platforms (XSOAR, Google SOAR, IBM SOAR, Splunk SOAR) Solid programming skills in Python, JavaScript, and Shell scripting Experience in creating security playbooks to automate incident response Familiarity with ServiceNow integration for security operations Understanding of cybersecurity principles, threat hunting, and incident management Ability to work efficiently in a fast-paced environment with immediate availability Preferred Qualifications: Certifications in SOAR automation, cybersecurity, or programming languages Knowledge of machine learning applications for security automation Experience with cloud security solutions

Posted 1 day ago


7.0 - 12.0 years

10 - 20 Lacs

bengaluru

Work from Office

Role & responsibilities About the Role: The Senior Cybersecurity SOC Engineer role is a key position within CA One Tech Cloud Clients. This role involves designing scalable applications and ensuring the delivery of high-quality projects. Key Responsibilities: Design and build SOC infrastructure using Microsoft Sentinel and SOAR Lead deep investigations using CrowdStrike Falcon, MDE, Tenable, and Palo Alto/Fortinet firewalls Perform threat hunting using MITRE ATT&CK framework and dark web intelligence Develop KQL queries and automation scripts in PowerShell/Python Integrate and respond to incidents across Azure and Microsoft 365 environments Collaborate with MSOC and global teams for escalations and knowledge sharing Required Skills: 7+ years in cybersecurity roles, focused on SOC/IR/Threat Hunting Expertise with Microsoft Sentinel, CrowdStrike Falcon, MDE, Tenable Deep understanding of MITRE ATT&CK, lateral movement, and APTs Scripting experience in KQL, Python, PowerShell Strong communication, leadership, and mentoring skills Preferred: Certifications: GCFA, GCIH, GCTI, CISSP, AZ-500, MS-500, OSCP, or MITRE ATT&CK Defender Experience with Palo Alto XSOAR and cloud-based threat monitoring Interested candidates please share your resume to Sirishad@ca-one.com

Posted 1 week ago


4.0 - 8.0 years

10 - 17 Lacs

hyderabad, bengaluru, delhi / ncr

Hybrid

Role & responsibilities
- Minimum 4 plus years of experience in application development using Python and REST API.
- Experience in managing any SOAR platforms (e.g. Palo Alto Cortex, Phantom, Resilient, Swimlane, etc.)
- Experience in SOAR administration, playbook development/automation and life cycle management
- Deploying and managing integration packages for various 3rd party tools/applications
- Experience in troubleshooting integration issues and code customization.
- Experience in developing integration solutions with web services, APIs using REST/JSON.
- Ability to install and configure 3rd party applications in a Linux environment, experience in Unix/Linux administration
- Understanding of security products and secure coding techniques is a plus
Preferred candidate profile Hands-on experience with Palo Alto Cortex XSOAR (mandatory). Strong knowledge of security operations, incident response, and SOC processes. Proficient in Python scripting (must-have for custom automations and integrations). Experience with RESTful APIs and JSON data format. Familiarity with SIEM, EDR, firewalls, threat intelligence platforms, and other security tools. Strong analytical, problem-solving, and troubleshooting skills. Excellent written and verbal communication skills. Ability to work collaboratively in a fast-paced team environment.

Posted 1 week ago


3.0 - 5.0 years

0 Lacs

hyderabad, telangana, india

On-site

Company Summary DISH Network Technologies India Pvt. Ltd is a technology subsidiary of EchoStar Corporation. Our organization is at the forefront of technology, serving as a disruptive force and driving innovation and value on behalf of our customers. Our product portfolio includes Boost Mobile (consumer wireless), Boost Mobile Network (5G connectivity), DISH TV (Direct Broadcast Satellite), Sling TV (Over The Top service provider), OnTech (smart home services), Hughes (global satellite connectivity solutions) and Hughesnet (satellite internet). Our facilities in India are some of EchoStar's largest development centers outside the U.S. As a hub for technological convergence, our engineering talent is a catalyst for innovation in multimedia network and communications development. Department Summary Our Technology teams challenge the status quo and reimagine capabilities across industries. Whether through research and development, technology innovation or solution engineering, our people play vital roles in connecting consumers with the products and platforms of tomorrow. Job Duties and Responsibilities Implement and manage log collection processes for XSIAM, ensuring comprehensive data ingestion from various sources Integrate XSIAM with various security tools, including endpoint protection (XDR), Tenable, Prisma and threat intelligence platforms. Develop and maintain automated playbooks using XSOAR, Python, and other relevant tools to streamline incident response processes Automation for incident remediation with endpoints and ITSM tools Provide expert consulting on security incidents, leveraging XSIAM and other security tools to analyze and respond to threats Work closely with cross-functional teams, including IT, security, and business units, to ensure seamless integration and effective incident response. Provide training and support to security analysts and IT staff on XSIAM functionalities, integrations, and playbook automation. 
Skills, Experience and Requirements 3-5 years experience in SIEM, Security analytics, incident response processes Hands-on programming experience in Python and strong background in Data Engineering - ETL, Data Analytics, Dashboard development, data pipeline development & understanding of ML concepts. Good understanding of software engineering is a must. Proficiency in XSIAM, XSOAR, Python scripting, SNOW, and security automation experience Strong experience in integrating security tools and platforms, including knowledge of APIs and data connectors. Proven experience in creating and maintaining automated playbooks for incident response. In-depth knowledge of incident response processes and best practices Benefits Insurance and Wellbeing Financial & Retiral Benefit Program Mental Wellbeing Employee Stock Purchase Program (ESPP) Professional Development Reimbursement Time Off Team Outings

Posted 2 weeks ago


7.0 - 12.0 years

35 - 45 Lacs

bengaluru

Remote

Role: Automations Engineer (Python) Customer: Pfizer Experience: 5-7 Years Duration: 6 months Location: Remote, India Work Hours: 01:00pm to 10:00pm IST Interview Rounds: 3 in total. (1 technical screen and 2 customer rounds) Job Description: Support the team to develop automations for processes, templates, workflows and analytics to ensure end to end reliability, continuity and consistency of our services to protect Pfizer. Specifically: Develop automations based on analytics to eliminate manual repetitive tasks and allow time for more meaningful work, Develop automations based on analytics to implement Role-Based Access Controls, Develop code in Python, Use DevOps practices, Familiarity/Experience with XSOAR is a plus. Preferred if they have experience with the Scrum framework and Confluence/JIRA.

Posted 3 weeks ago


5.0 - 9.0 years

0 Lacs

noida, uttar pradesh

On-site

As a member of our team at MetLife, you will play a crucial role in supporting and developing endpoint security tools such as Crowdstrike or other EDR solutions. You will be responsible for providing Tier III engineering and operational support for our endpoint protection infrastructure, ensuring its effectiveness and reliability. Additionally, you will collaborate with internal InfoSec teams and external providers to align security goals and contribute to milestone planning, deployment coordination, change management, and operational documentation. Your expertise in the following technologies is essential for this role: - EDR: Admin-level knowledge of Crowdstrike (preferred), Fortra, or any other EDR tool. - Deployment Tools: Experience with Tanium (preferred) or similar tools. - Automation Tools: Proficiency in XSOAR or equivalent platforms. - SIEM: Admin-level proficiency in Snare, especially in agent troubleshooting. - Performance monitoring tools: Familiarity with tools like RunZero, Systrack, etc. - Basic knowledge of Vectra and AI security concepts. At MetLife, we are committed to creating a more confident future for our colleagues, customers, communities, and the world. As a part of our team, you will be part of a globally recognized company that is dedicated to excellence and innovation in the financial services industry. If you are passionate about cybersecurity and want to make a difference, we invite you to join us at MetLife. Together, we can achieve the extraordinary. #AllTogetherPossible,

Posted 3 weeks ago


3.0 - 5.0 years

0 Lacs

chennai, tamil nadu, india

On-site

Organizations everywhere struggle under the crushing costs and complexities of solutions that promise to simplify their lives. To create a better experience for their customers and employees. To help them grow. Software is a choice that can make or break a business. Create better or worse experiences. Propel or throttle growth. Business software has become a blocker instead of ways to get work done. There's another option. Freshworks. With a fresh vision for how the world works. At Freshworks, we build uncomplicated service software that delivers exceptional customer and employee experiences. Our enterprise-grade solutions are powerful, yet easy to use, and quick to deliver results. Our people-first approach to AI eliminates friction, making employees more effective and organizations more productive. Over 72,000 companies, including Bridgestone, New Balance, Nucor, S&P Global, and Sony Music, trust Freshworks customer experience (CX) and employee experience (EX) software to fuel customer loyalty and service efficiency. And, over 4,500 Freshworks employees make this possible, all around the world. Fresh vision. Real impact. Come build it with us. Job Description We are looking for a hybrid expert in cybersecurity operations and AI engineering to lead the development, customization, and operationalization of AI-powered SOC automation systems. This role will bridge the gap between frontline SOC operations and backend AI/ML capabilities, driving intelligent alert triage, threat detection, and incident response automation through tools like Intezer, Cortex XSOAR, and custom AI pipelines. You will play a key role in both defending the organization and building the intelligent systems that scale our defenses. SOC & Threat Detection (Analyst Responsibilities): Monitor and triage security alerts using AI-assisted tooling. Analyze, investigate, and escalate incidents using threat intel and log data. Provide threat context, root cause analysis, and response recommendations. 
Fine-tune detection rules, behavioral baselines, and IOC correlations. Serve as SME for SOC use cases and automation requirements. AI Engineering & Automation: Design and maintain ML models for anomaly detection, classification, and triage. Build automation workflows using SOAR platforms (e.g., Cortex XSOAR). Integrate AI models with SIEM, EDR, TIP, and other SOC data sources. Develop feedback loops based on SOC analyst input and incident data. Reduce false positives/negatives through intelligent alert enrichment. Collaboration & Strategy: Collaborate with threat intel, IR Drive innovation in SOC tooling through automation and AI. Maintain documentation, model explainability, and audit readiness. Stay ahead of adversarial threats and AI misuse in cyber contexts. Qualifications Must-Have: 3+ years in a SOC Analyst, Incident Responder, or Threat Hunter role. 2+ years developing or applying AI/ML in a cybersecurity or security automation context. Proficient in Python and ML libraries (Scikit-learn, PyTorch, TensorFlow). Experience with SIEMs (Splunk, Sentinel, QRadar), SOARs (XSOAR, TheHive), and EDRs (CrowdStrike, Defender). Strong grasp of MITRE ATT&CK, threat detection, and common attack vectors. Familiarity with APIs, REST, JSON, and integration of multiple security platforms. Nice-to-Have: Experience with malware classification, threat intel enrichment, or sandbox analysis (e.g., Intezer, VirusTotal). Knowledge of adversarial ML, model hardening, or explainable AI in SOC. Experience with cloud-native security monitoring (AWS/GCP/Azure). Familiarity with MLOps, data pipelines, or model deployment in production. Additional Information At Freshworks, we are creating a global workplace that enables everyone to find their true potential, purpose, and passion irrespective of their background, gender, race, sexual orientation, religion and ethnicity. 
We are committed to providing equal opportunity for all and believe that diversity in the workplace creates a more vibrant, richer work environment that advances the goals of our employees, communities and the business.

Posted 3 weeks ago


3.0 - 6.0 years

5 - 9 Lacs

Hyderabad, Bengaluru, Delhi / NCR

Hybrid

Role & responsibilities Design and develop XSOAR playbooks to automate repetitive tasks in Security Operations. Integrate various security tools and data sources with XSOAR using APIs, custom integrations, and out-of-the-box connectors. Collaborate with SOC analysts, incident responders, and other cybersecurity teams to identify automation opportunities. Maintain and enhance existing playbooks based on feedback and evolving security requirements. Develop custom scripts (Python) and integrations as needed. Troubleshoot and resolve issues related to XSOAR integrations and playbooks. Document processes, playbooks, and integration procedures for knowledge sharing. Ensure automation workflows comply with security policies, standards, and regulatory requirements. Provide training and mentoring to team members on XSOAR automation best practices. Stay up to date with the latest trends, threats, and technologies in security automation Preferred candidate profile Hands-on experience with Palo Alto Cortex XSOAR (mandatory). Strong knowledge of security operations, incident response, and SOC processes. Proficient in Python scripting (must-have for custom automations and integrations). Experience with RESTful APIs and JSON data format. Familiarity with SIEM, EDR, firewalls, threat intelligence platforms, and other security tools. Strong analytical, problem-solving, and troubleshooting skills. Excellent written and verbal communication skills. Ability to work collaboratively in a fast-paced team environment.

Posted 1 month ago


5.0 - 8.0 years

10 - 20 Lacs

Chennai

Work from Office

Job Title: Cybersecurity Analyst Fortinet, SIEM, and SOAR Expert Location: Chennai Experience: 5 to 8 Years Employment Type: Contract Job Summary: We are looking for an experienced Cybersecurity Analyst with a strong background in Fortinet firewall configuration, SIEM tools (like Splunk, QRadar, or SentinelOne), and SOAR platforms. The ideal candidate will be highly skilled in threat detection, incident response automation, and log analysis. A basic understanding of OT/IoT security concepts is desirable. Key Responsibilities: Configure and audit firewall rules in Fortinet environments Work with SIEM tools (e.g., Splunk, QRadar, SentinelOne) to: Monitor and analyze logs and security events Create and tune correlation rules and alerts Manage incident detection workflows Develop and manage automated playbooks in SOAR/XSOAR platforms Integrate security tools and enable automation for incident response Understand OT/IoT security threats and risk areas (hands-on experience not mandatory) Required Skills: Hands-on experience with Fortinet firewall configuration and policy audits Strong knowledge of at least one SIEM tool (Splunk, QRadar, or SentinelOne) Practical experience in log analysis, threat detection, and workflow creation Familiarity with SOAR tools and playbook development Basic understanding of OT/IoT security environments Good analytical and troubleshooting skills Ability to work in a fast-paced environment Preferred Qualifications: Certifications such as Fortinet NSE, Splunk Certified, etc. Experience in scripting/automation using Python, PowerShell, or similar tools Exposure to MITRE ATT&CK framework and incident response procedures

Posted 1 month ago


7.0 - 12.0 years

8 - 17 Lacs

Bengaluru

Work from Office

Role & responsibilities About the Role: We are hiring a Senior SOC Engineer to lead incident response, threat detection, and automation initiatives for Rocket EMS's global security operations. This is not an analyst role; you'll be hands-on, driving SIEM/SOAR optimization, advanced threat hunting, and direct response to cyberattacks across endpoints, cloud, and identity systems. Key Responsibilities: Design and build SOC infrastructure using Microsoft Sentinel and SOAR Lead deep investigations using CrowdStrike Falcon, MDE, Tenable, and Palo Alto/Fortinet firewalls Perform threat hunting using MITRE ATT&CK framework and dark web intelligence Develop KQL queries and automation scripts in PowerShell/Python Integrate and respond to incidents across Azure and Microsoft 365 environments Collaborate with MSOC and global teams for escalations and knowledge sharing Required Skills: 7+ years in cybersecurity roles, focused on SOC/IR/Threat Hunting Expertise with Microsoft Sentinel, CrowdStrike Falcon, MDE, Tenable Deep understanding of MITRE ATT&CK, lateral movement, and APTs Scripting experience in KQL, Python, PowerShell Strong communication, leadership, and mentoring skills Preferred: Certifications: GCFA, GCIH, GCTI, CISSP, AZ-500, MS-500, OSCP, or MITRE ATT&CK Defender Experience with Palo Alto XSOAR and cloud-based threat monitoring Interested candidates please share your resume to Sirishad@ca-one.com

Posted 2 months ago


2.0 - 7.0 years

5 - 13 Lacs

Hyderabad, Pune, Bengaluru

Hybrid

Deploy and configure Microsoft Sentinel and dependent resources. Integrate diverse data sources into SIEM for holistic threat visibility. Develop advanced KQL queries and build analytical rules and alerts. Design and implement use cases aligned to NIST and MITRE ATT&CK frameworks. Build SOAR workflows using Azure Logic Apps for automated incident response. Perform threat hunting and simulate non-invasive attacks based on TTPs and threat actor behavior. Conduct forensic analysis, root cause analysis, and incident triage. Leverage threat intelligence for proactive defense and detection strategies. Create and maintain KPI dashboards and reporting metrics. Build Proof of Concepts (PoCs) for domain-specific security implementations. Utilize and maintain EDR and CASB tools, preferably Microsoft Defender ATP. Maintain and enhance security in hybrid and multi-cloud environments (Azure, AWS, GCP). Create custom security policies, dashboards, and workbooks in Sentinel. Participate in compliance control strategies (e.g., PCI, PII) using Azure Automation. Support Cloud Security Posture Management (CSPM) tool testing and policy scoring. Support in report generation (daily, weekly, quarterly, annually) for various stakeholders. Technical Skills & Experience: Deep understanding of Active Directory, DNS Security, Network Protocols, Web Technologies, TLS, and Firewalls. Proficient in EDR solutions, preferably Microsoft Defender ATP. Hands-on with Azure cloud security technologies: Defender for Cloud, Defender for Identity, Defender for Office365, etc. Exposure to GCP (Security Command Center, Confidential Computing) and AWS (Security Hub, GuardDuty, Macie) is a plus. Proficient in PowerShell, Bash, Python scripting (preferred but not mandatory). Knowledge of IT Forensics tools, techniques, and methodologies. Experience in policy creation, dashboarding, and process automation.
Good to Have: Exposure to Cloud App Security, Azure Key Vault, Confidential Computing, AWS Shield, etc. Certifications like AZ-500, SC-200, AWS Certified Security, etc. Experience with setting up SOC processes or security frameworks.

Posted 2 months ago


7.0 - 12.0 years

8 - 17 Lacs

Bengaluru

Work from Office

Role & responsibilities About the Role: We are hiring a Senior SOC Engineer to lead incident response, threat detection, and automation initiatives for Rocket EMS's global security operations. This is not an analyst role; you'll be hands-on, driving SIEM/SOAR optimization, advanced threat hunting, and direct response to cyberattacks across endpoints, cloud, and identity systems. Key Responsibilities: Design and build SOC infrastructure using Microsoft Sentinel and SOAR Lead deep investigations using CrowdStrike Falcon, MDE, Tenable, and Palo Alto/Fortinet firewalls Perform threat hunting using MITRE ATT&CK framework and dark web intelligence Develop KQL queries and automation scripts in PowerShell/Python Integrate and respond to incidents across Azure and Microsoft 365 environments Collaborate with MSOC and global teams for escalations and knowledge sharing Required Skills: 7+ years in cybersecurity roles, focused on SOC/IR/Threat Hunting Expertise with Microsoft Sentinel, CrowdStrike Falcon, MDE, Tenable Deep understanding of MITRE ATT&CK, lateral movement, and APTs Scripting experience in KQL, Python, PowerShell Strong communication, leadership, and mentoring skills Preferred: Certifications: GCFA, GCIH, GCTI, CISSP, AZ-500, MS-500, OSCP, or MITRE ATT&CK Defender Experience with Palo Alto XSOAR and cloud-based threat monitoring

Posted 2 months ago


3.0 - 8.0 years

9 - 19 Lacs

Hyderabad, Mumbai (All Areas)

Work from Office

Your potential, unleashed. India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient, not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Job Description: We are seeking a Skilled SOAR Engineer with hands-on experience in Palo Alto XSOAR to join our cybersecurity automation team. The ideal candidate will be responsible for designing, developing, and maintaining SOAR playbooks, creating custom integrations and managing the underlying infrastructure. Key Responsibilities Develop and optimize automation playbooks within SOAR platforms (preferably Palo Alto XSOAR). Design and implement custom integrations with third-party tools using Python. Maintain and enhance SOAR platform infrastructure, including setup, configuration, upgrades, data purging etc. Troubleshoot playbook or integration issues and ensure high availability of SOAR services. Ability to work in a 24x7 rotational shift environment. Required Skills: Proven experience with SOAR tools (XSOAR experience highly preferred) Strong proficiency in Python for scripting and automation. Experience in creating custom connectors, scripts, and automations in SOAR environments. 
Familiarity with SOAR platform administration, including health monitoring, backup/restore, and performance tuning. Desired qualifications Certifications such as CISSP, GSEC, CISM, or certifications specific to SOAR platforms (e.g., Palo Alto Cortex XSOAR Certification) Experience required 5-8 Years Location and way of working Base location: Mumbai/Hyderabad Professional is required to work from Client office How you'll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world's most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone's welcome, entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. 
Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. * Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Posted 2 months ago


6.0 - 10.0 years

20 - 30 Lacs

Mumbai

Work from Office

Industry - Leading NBFC. Designation - Senior Manager / AVP. Role - SOAR Admin. Location - Mumbai. Required Candidate profile Role: Minimum 6 years experience in designing, implementing and managing Security Orchestration, Automation, and Response (SOAR) solutions. Interested can share their CV - bhumika@rightmatch.co.in

Posted 2 months ago


2.0 - 5.0 years

5 - 13 Lacs

Noida, Gurugram, Delhi / NCR

Hybrid

Job description: Job Title: SOAR Automation Engineer Location: Delhi, India Experience: 2-5 years Employment Type: Full-Time Joining: Immediate Job Summary: We are seeking a skilled SOAR Automation Engineer to enhance our cybersecurity operations through automation and orchestration. The ideal candidate will have hands-on experience in SOAR platforms, strong programming expertise, and the ability to develop and optimize playbooks for threat detection and incident response. If you're ready to contribute immediately to cutting-edge security automation, we want you on our team! Key Responsibilities: Develop, customize, and implement SOAR automation workflows using platforms like XSOAR, Google SOAR, IBM SOAR, and Splunk SOAR Design and optimize security playbooks for efficient incident response and threat mitigation Integrate SOAR tools with ServiceNow and other ITSM/security systems Write and maintain Python, JavaScript, and Shell scripting for automation processes Collaborate with cybersecurity analysts to refine security automation strategies Debug and troubleshoot SOAR implementations for optimal performance Stay updated with industry trends in SOAR automation, cybersecurity, and threat intelligence Required Skills & Qualifications: 2-5 years of experience in security automation and programming Strong expertise in SOAR platforms (XSOAR, Google SOAR, IBM SOAR, Splunk SOAR) Solid programming skills in Python, JavaScript, and Shell scripting Experience in creating security playbooks to automate incident response Familiarity with ServiceNow integration for security operations Understanding of cybersecurity principles, threat hunting, and incident management Ability to work efficiently in a fast-paced environment with immediate availability Preferred Qualifications: Certifications in SOAR automation, cybersecurity, or programming languages Knowledge of machine learning applications for security automation Experience with cloud security solutions

Posted 3 months ago


8.0 - 13.0 years

8 - 13 Lacs

Bengaluru / Bangalore, Karnataka, India

On-site

We're seeking a highly experienced and technically proficient SOC CSIRT - Solution Expert (L3) to join our team. This role demands extensive expertise in Security Information and Event Management (SIEM) solutions, particularly with QRadar, and a strong understanding of XSIAM/XDR. You'll be instrumental in managing critical security infrastructure, developing automation playbooks, and ensuring robust incident response capabilities. Key Responsibilities: SIEM Solution Management: Oversee SIEM management, including log source integration (ingestion parser selection) and custom DSM/parser development and maintenance. Develop and refine correlation rules within the SIEM to enhance threat detection. Possess and apply XSIAM / XDR global knowledge to optimize security operations. Proactively manage and address log source loss issues to maintain comprehensive visibility. CSIRT Infrastructure Management: Manage and secure environments across AWS and GCP cloud platforms. Administer and maintain both Windows and Linux systems crucial for CSIRT operations. Develop and maintain automation scripts, primarily in Python, with additional experience in Bash/PowerShell scripting. Utilize ITSM processes for efficient incident and change management. Automation Development: Develop sophisticated playbooks in XSIAM for automated threat response and orchestration. Develop effective playbooks in XSOAR for security orchestration, automation, and response. Reporting Management (Nice to Have): Utilize PowerBI for reporting on security metrics and incident trends. Required Skills & Experience: Total Years of Experience: 8+ Years Relevant Years of Experience: 5+ Years (L3 level) Mandatory Skills: Strong SIEM expertise, specifically with QRadar. In-depth XSIAM / XDR global knowledge. Proven experience in developing playbooks in XSIAM and XSOAR (minimum 5 years of relevant experience). 
Desired/Secondary Skills: Python, Bash, PowerShell scripting, AWS, GCP, Windows, Linux, ITSM process usage, PowerBI. Domain: Solution Expert - CSIRT_SOC

Posted 3 months ago


8.0 - 13.0 years

8 - 13 Lacs

Bengaluru / Bangalore, Karnataka, India

On-site

Specific Solution Management: SIEM management; Log source integration (ingestion parser selection); Custom DSM / parser development maintenance; Rule development; XSIAM / XDR global knowledge; Manage and address log source loss issues

CSIRT Infrastructure Management: Manage AWS environments; Manage GCP environments; Manage Windows systems; Manage Linux systems; Develop and maintain scripts primarily in Python, with some Bash/PowerShell scripting; ITSM process usage

Automation: Develop playbooks in XSIAM; Develop playbooks in XSOAR

Reporting Management (nice to have): Utilize PowerBI for reporting

Mandatory skills: SIEM, QRadar, XSIAM / XDR global knowledge, Develop playbooks in XSIAM and XSOAR with 5 yrs exp (L3)

Desired/Secondary skills

Domain: Solution Expert - CSIRT_SOC

Max Vendor Rate in Per Day (Currency in relevance to work location)

Posted 3 months ago


3.0 - 8.0 years

1 - 6 Lacs

Bangalore Rural, Bengaluru

Work from Office

Hi, this is in response to your profile, which is uploaded on job portals. We have excellent job openings for XSOAR at the Bangalore location in an IT MNC. If you have already received this email, are not looking for a job change, or find it irrelevant, please ignore it. Note: Only relevant and interested candidates should apply.

Job Description: Skill: Cybersecurity, Azure Sentinel SIEM, MS Defender for Endpoints (EDR/ATP), AWS IAM, SOAR Concept, Fortinet FortiSOAR, Palo Alto Networks - Firewalls, Cortex XSOAR, Python.

We are seeking a Cybersecurity Analyst with 1-6 years of experience in fundamental cybersecurity concepts, including SIEM, EDR, IAM, and SOAR platforms. The ideal candidate should have a basic understanding of security automation and orchestration using platforms like FortiSOAR, Palo Alto XSOAR, and ThreatConnect (preferred). Experience with SOAR playbook creation, integration, etc. Additionally, knowledge of Python scripting for automation and security tasks will be an added advantage.

Those who have the relevant experience and skills mentioned above, please revert soon. It's a kind request: please provide the details mentioned below in your CV/mail before you send it to us. Total Exp: Relevant Exp: Current Company: Current CTC: Expected CTC: Current Location: Preferred location: Bangalore Notice Period: DOB: Degree:

Many Thanks, Regards, Sreenivas Sreenivasa.k@happiestminds.com

Posted 3 months ago


5.0 - 8.0 years

25 - 30 Lacs

Mumbai, Mumbai Suburban, Mumbai (All Areas)

Work from Office

- Design, develop & maintain playbooks within Cortex XSOAR
- Integrate security tools & threat intelligence sources with XSOAR
- Implement & manage security alerts using XSIAM, SIEM & SOAR platforms
- Fine-tune & optimize security automation processes

Required Candidate profile: Exp.: 6+ yrs. CTC: Up to 30 Lacs. Location: Remote WFH (1 Opening) / Central Mumbai WFO (2 Open). Comm. Skills - Excellent. Strong in Cortex XSOAR along with automation and XSIAM, SOAR, and SIEM tools.

Posted 3 months ago


4.0 - 9.0 years

13 - 20 Lacs

navi mumbai

Work from Office

Role Overview: As a Team Lead for Palo Alto's Extended Security Intelligence and Automation Management (XSIAM) platform, you will lead a team of security analysts and automation engineers in delivering advanced threat detection, response automation, and SOC transformation services. This role is pivotal in managing multi-tenant XSIAM environments, driving operational excellence, and ensuring client satisfaction across managed security services.

Key Responsibilities: Lead the deployment, configuration, and optimization of Palo Alto XSIAM across co-managed and fully managed MSSP environments. Manage multi-tenant orchestration using XSOAR and SAC (Security Automation Center), ensuring governance and customization at both service and customer layers. Drive SOC transformation initiatives by integrating XSIAM with existing SIEM/SOAR ecosystems and automating Tier-1 workflows. Collaborate with MSSP Centers of Excellence to align automation strategies with client-specific security architectures. Conduct regular client reviews, manage escalations, and ensure SLA adherence and RCA documentation. Mentor and manage a team of analysts, ensuring continuous upskilling in XSIAM and related technologies. Contribute to the development of reusable playbooks, integration modules, and knowledge assets for the XSIAM platform.

Required Skills & Experience: 6+ years of experience in cybersecurity operations, with at least 2 years in a leadership role. Hands-on expertise in Palo Alto XSIAM and XSOAR platforms, including tenant management and orchestration

Posted Date not available


8.0 - 12.0 years

15 - 30 Lacs

bengaluru

Hybrid

Warm Greetings from SP Staffing!! Role: SOC Analyst. Experience Required: 8 to 12 yrs. Work Location: Bangalore. Required Skills: L3 Incident Management, EDR, SIEM, Threat intelligence. Interested candidates can send resumes to nandhini.spstaffing@gmail.com

Posted Date not available
