12 Xsoar Jobs

Role & responsibilities Design and develop XSOAR playbooks to automate repetitive tasks in Security Operations. Integrate various security tools and data sources with XSOAR using APIs, custom integrations, and out-of-the-box connectors. Collaborate with SOC analysts, incident responders, and other cybersecurity teams to identify automation opportunities. Maintain and enhance existing playbooks based on feedback and evolving security requirements. Develop custom scripts (Python) and integrations as needed. Troubleshoot and resolve issues related to XSOAR integrations and playbooks. Document processes, playbooks, and integration procedures for knowledge sharing. Ensure automation workflows comply with security policies, standards, and regulatory requirements. Provide training and mentoring to team members on XSOAR automation best practices. Stay up to date with the latest trends, threats, and technologies in security automation Preferred candidate profile Hands-on experience with Palo Alto Cortex XSOAR (mandatory). Strong knowledge of security operations, incident response, and SOC processes. Proficient in Python scripting (must-have for custom automations and integrations). Experience with RESTful APIs and JSON data format. Familiarity with SIEM, EDR, firewalls, threat intelligence platforms, and other security tools. Strong analytical, problem-solving, and troubleshooting skills. Excellent written and verbal communication skills. Ability to work collaboratively in a fast-paced team environment.

Job Title : Cybersecurity Analyst Fortinet, SIEM, and SOAR Expert Location : Chennai Experience : 5 to 8 Years Employment Type : Contract Job Summary : We are looking for an experienced Cybersecurity Analyst with a strong background in Fortinet firewall configuration , SIEM tools (like Splunk, QRadar, or SentinelOne), and SOAR platforms . The ideal candidate will be highly skilled in threat detection, incident response automation, and log analysis. A basic understanding of OT/IoT security concepts is desirable. Key Responsibilities : Configure and audit firewall rules in Fortinet environments Work with SIEM tools (e.g., Splunk, QRadar, SentinelOne) to: Monitor and analyze logs and security events Create and tune correlation rules and alerts Manage incident detection workflows Develop and manage automated playbooks in SOAR/XSOAR platforms Integrate security tools and enable automation for incident response Understand OT/IoT security threats and risk areas (hands-on experience not mandatory) Required Skills : Hands-on experience with Fortinet firewall configuration and policy audits Strong knowledge of at least one SIEM tool (Splunk, QRadar, or SentinelOne) Practical experience in log analysis , threat detection, and workflow creation Familiarity with SOAR tools and playbook development Basic understanding of OT/IoT security environments Good analytical and troubleshooting skills Ability to work in a fast-paced environment Preferred Qualifications : Certifications such as Fortinet NSE , Splunk Certified , etc. Experience in scripting/automation using Python , PowerShell , or similar tools Exposure to MITRE ATT&CK framework and incident response procedures

Role & responsibilities About the Role: We are hiring a Senior SOC Engineer to lead incident response, threat detection, and automation initiatives for Rocket EMS's global security operations. This is not an analyst roleyoull be hands-on, driving SIEM/SOAR optimization, advanced threat hunting, and direct response to cyberattacks across endpoints, cloud, and identity systems. Key Responsibilities: Design and build SOC infrastructure using Microsoft Sentinel and SOAR Lead deep investigations using CrowdStrike Falcon, MDE, Tenable, and Palo Alto/Fortinet firewalls Perform threat hunting using MITRE ATT&CK framework and dark web intelligence Develop KQL queries and automation scripts in PowerShell/Python Integrate and respond to incidents across Azure and Microsoft 365 environments Collaborate with MSOC and global teams for escalations and knowledge sharing Required Skills: 7+ years in cybersecurity roles, focused on SOC/IR/Threat Hunting Expertise with Microsoft Sentinel , CrowdStrike Falcon , MDE , Tenable Deep understanding of MITRE ATT&CK , lateral movement, and APTs Scripting experience in KQL , Python , PowerShell Strong communication, leadership, and mentoring skills Preferred: Certifications: GCFA, GCIH, GCTI, CISSP, AZ-500, MS-500, OSCP, or MITRE ATT&CK Defender Experience with Palo Alto XSOAR and cloud-based threat monitoring Interested candidates please share your resume to Sirishad@ca-one.com

Deploy and configure Microsoft Sentinel and dependent resources. Integrate diverse data sources into SIEM for holistic threat visibility. Develop advanced KQL queries and build analytical rules and alerts. Design and implement use cases aligned to NIST and MITRE ATT&CK frameworks. Build SOAR workflows using Azure Logic Apps for automated incident response. Perform threat hunting and simulate non-invasive attacks based on TTPs and threat actor behavior. Conduct forensic analysis, root cause analysis, and incident triage. Leverage threat intelligence for proactive defense and detection strategies. Create and maintain KPI dashboards and reporting metrics. Build Proof of Concepts (PoCs) for domain-specific security implementations. Utilize and maintain EDR and CASB tools , preferably Microsoft Defender ATP. Maintain and enhance security in hybrid and multi-cloud environments (Azure, AWS, GCP). Create custom security policies , dashboards, and workbooks in Sentinel. Participate in compliance control strategies (e.g., PCI, PII) using Azure Automation . Support Cloud Security Posture Management (CSPM) tool testing and policy scoring. Support in report generation (daily, weekly, quarterly, annually) for various stakeholders. Technical Skills & Experience: Deep understanding of Active Directory, DNS Security, Network Protocols, Web Technologies , TLS, and Firewalls. Proficient in EDR solutions , preferably Microsoft Defender ATP . Hands-on with Azure cloud security technologies: Defender for Cloud, Defender for Identity, Defender for Office365, etc. Exposure to GCP (Security Command Center, Confidential Computing) and AWS (Security Hub, GuardDuty, Macie) is a plus. Proficient in PowerShell, Bash, Python scripting (preferred but not mandatory). Knowledge of IT Forensics tools, techniques, and methodologies. Experience in policy creation, dashboarding , and process automation. Good to Have: Exposure to Cloud App Security , Azure Key Vault , Confidential Computing , AWS Shield , etc. Certifications like AZ-500 , SC-200 , AWS Certified Security , etc. Experience with setting up SOC processes or security frameworks .

Role & responsibilities About the Role: We are hiring a Senior SOC Engineer to lead incident response, threat detection, and automation initiatives for Rocket EMS's global security operations. This is not an analyst roleyou’ll be hands-on, driving SIEM/SOAR optimization, advanced threat hunting, and direct response to cyberattacks across endpoints, cloud, and identity systems. Key Responsibilities: Design and build SOC infrastructure using Microsoft Sentinel and SOAR Lead deep investigations using CrowdStrike Falcon, MDE, Tenable, and Palo Alto/Fortinet firewalls Perform threat hunting using MITRE ATT&CK framework and dark web intelligence Develop KQL queries and automation scripts in PowerShell/Python Integrate and respond to incidents across Azure and Microsoft 365 environments Collaborate with MSOC and global teams for escalations and knowledge sharing Required Skills: 7+ years in cybersecurity roles, focused on SOC/IR/Threat Hunting Expertise with Microsoft Sentinel , CrowdStrike Falcon , MDE , Tenable Deep understanding of MITRE ATT&CK , lateral movement, and APTs Scripting experience in KQL , Python , PowerShell Strong communication, leadership, and mentoring skills Preferred: Certifications: GCFA, GCIH, GCTI, CISSP, AZ-500, MS-500, OSCP, or MITRE ATT&CK Defender Experience with Palo Alto XSOAR and cloud-based threat monitoring

Your potential, unleashed. India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realise your potential amongst cutting edge leaders, and organisations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matter s. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilientnot only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Job Description: We are seeking a Skilled SOAR Engineer with hands-on experience in Palo Alto XSOAR to join our cybersecurity automation team. The ideal candidate will be responsible for designing, developing, and maintaining SOAR playbooks, creating custom integrations and managing the underlying infrastructure. Key Responsibilities Develop and optimize automation playbooks within SOAR platforms (preferably Palo Alto XSOAR). Design and implement custom integrations with third-party tools using Python. Maintain and enhance SOAR platform infrastructure, including setup, configuration, upgrades, data purging etc. Troubleshoot playbook or integration issues and ensure high availability of SOAR services. Ability to work in a 24x7 rotational shift environment. Required Skills: Proven experience with SOAR tools (XSOAR experience highly preferred) Strong proficiency in Python for scripting and automation. Experience in creating custom connectors, scripts, and automations in SOAR environments. Familiarity with SOAR platform administration, including health monitoring, backup/restore, and performance tuning. Desired qualifications Certifications such as CISSP, GSEC, CISM, or certifications specific to SOAR platforms (e.g., Palo Alto Cortex XSOAR Certification) Experience required 5-8 Years Location and way of working Base location: Mumbai/Hyderabad Professional is required to work from Client office How youll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the worlds most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyones welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. * Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_

Industry - Leading NBFC. Designation - Senior Manager / AVP. Role - SOAR Admin. Location - Mumbai. Required Candidate profile Role: Minimum 6 years experience in designing, implementing and managing Security Orchestration, Automation, and Response (SOAR) solutions. Interested can share their CV - bhumika@rightmatch.co.in

Job description: Job Title: SOAR Automation Engineer Location: Delhi, India Experience: 2-5 years Employment Type: Full-Time Joining: Immediate Job Summary: We are seeking a skilled SOAR Automation Engineer to enhance our cybersecurity operations through automation and orchestration. The ideal candidate will have hands-on experience in SOAR platforms, strong programming expertise, and the ability to develop and optimize playbooks for threat detection and incident response. If you're ready to contribute immediately to cutting-edge security automation, we want you on our team! Key Responsibilities: Develop, customize, and implement SOAR automation workflows using platforms like XSOAR, Google SOAR, IBM SOAR, and Splunk SOAR Design and optimize security playbooks for efficient incident response and threat mitigation Integrate SOAR tools with ServiceNow and other ITSM/security systems Write and maintain Python, JavaScript, and Shell scripting for automation processes Collaborate with cybersecurity analysts to refine security automation strategies Debug and troubleshoot SOAR implementations for optimal performance Stay updated with industry trends in SOAR automation, cybersecurity, and threat intelligence Required Skills & Qualifications: 2-5 years of experience in security automation and programming Strong expertise in SOAR platforms (XSOAR, Google SOAR, IBM SOAR, Splunk SOAR) Solid programming skills in Python, JavaScript, and Shell scripting Experience in creating security playbooks to automate incident response Familiarity with ServiceNow integration for security operations Understanding of cybersecurity principles, threat hunting, and incident management Ability to work efficiently in a fast-paced environment with immediate availability Preferred Qualifications: Certifications in SOAR automation, cybersecurity, or programming languages Knowledge of machine learning applications for security automation Experience with cloud security solutions

We're seeking a highly experienced and technically proficient SOC CSIRT - Solution Expert (L3) to join our team. This role demands extensive expertise in Security Information and Event Management (SIEM) solutions, particularly with QRadar, and a strong understanding of XSIAM/XDR. You'll be instrumental in managing critical security infrastructure, developing automation playbooks, and ensuring robust incident response capabilities. Key Responsibilities: SIEM Solution Management: Oversee SIEM management , including log source integration (ingestion parser selection) and custom DSM/parser development and maintenance . Develop and refine correlation rules within the SIEM to enhance threat detection. Possess and apply XSIAM / XDR global knowledge to optimize security operations. Proactively manage and address log source loss issues to maintain comprehensive visibility. CSIRT Infrastructure Management: Manage and secure environments across AWS and GCP cloud platforms . Administer and maintain both Windows and Linux systems crucial for CSIRT operations. Develop and maintain automation scripts, primarily in Python , with additional experience in Bash/PowerShell scripting . Utilize ITSM processes for efficient incident and change management. Automation Development: Develop sophisticated playbooks in XSIAM for automated threat response and orchestration. Develop effective playbooks in XSOAR for security orchestration, automation, and response. Reporting Management (Nice to Have): Utilize PowerBI for reporting on security metrics and incident trends. Required Skills & Experience: Total Years of Experience: 8+ Years Relevant Years of Experience: 5+ Years (L3 level) Mandatory Skills: Strong SIEM expertise, specifically with QRadar . In-depth XSIAM / XDR global knowledge . Proven experience in developing playbooks in XSIAM and XSOAR (minimum 5 years of relevant experience). Desired/Secondary Skills: Python, Bash, PowerShell scripting, AWS, GCP, Windows, Linux, ITSM process usage, PowerBI. Domain: Solution Expert - CSIRT_SOC

Specific Solution Management SIEM management Log source integration (ingestion parser selection) Custom DSM / parser development maintenance Rule development XSIAM / XDR global Knowledge Manage and address log source loss issues CSIRT Infrastructure Management Manage AWS environments Manage GCP environments Manage Windows systems Manage Linux systems Develop and maintain scripts primarily in Python, with some bash/Powershell scripting ITSM process usage Automation Develop playbooks in XSIAM Develop playbooks in XSOAR Reporting Management (nice to have) Utilize PowerBI for reporting Mandatory skills SIEM , Qradar, XSIAM / XDR global Knowledge, Develop playbooks in XSIAM and XSOAR with 5 yrs exp (L3) Desired/ Secondary skills Domain Solution Expert - CSIRT _SOC Max Vendor Rate in Per Day (Currency in relevance to work location)

Hi , As per response to your profile which is uploaded in Job portals. We have an excellent job openings for XSOAR -Bangalore Location in IT MNC If your already received email or not looking for job change/ irrelevant - please ignore it. Note: Apply for only Relevant & interested candidates. Job Description: Skill:- Cybersecurity,Azure Sentinel SIEM,MS Defender for Endpoints (EDR/ATP),AWS IAM,SOAR Concept,Fortinet FortiSOAR,Palo Alto Networks - Firewalls,Cortex XSOAR,Python. We are seeking a Cybersecurity Analyst with 1-6years of experience in fundamental cybersecurity concepts, including SIEM, EDR, IAM, and SOAR platforms. The ideal candidate should have a basic understanding of security automation and orchestration using platforms like FortiSOAR, Palo Alto XSOAR, and ThreatConnect (preferred). Experience with SOAR play book creation , integration etc. Additionally, knowledge of Python scripting for automation and security tasks will be an added advantage. Those who have relevant experience and Skills, as mentioned above please revert back soon. It"s a kind request, Please provide the below mentioned details in Ur CV/mail before u send it to us. Total Exp: Relevant Exp:- Current Company: Current CTC: Expected CTC: Current Location: Preferred location: Bangalore Notice Period: DOB: Degree: Many Thanks Regards Sreenivas Sreenivasa.k@happiestminds.com

- Design, develop & maintain playbooks within Cortex XSOAR - Integrate security tools & threat intelligence sources with XSOAR - Implement & manage security alerts using XSIAM, SIEM & SOAR platforms - Fine-tune & optimize securty automation processes Required Candidate profile Exp. : 6+ yrs CTC : Upto 30 Lacs Location : Remote WFH (1 Opening) / Central Mumbai WFO (2 Open) Comm. Skills - Excellent Strong in Cortex XSOAR along with automation and XSIAM, SOAR, and SIEM tools.