Cortex XSOAR Specialist

Job Title: IT Security Analyst I
RESPONSIBILITIES:
Engagement Description:

• Our Client is seeking a highly skilled and experienced Cortex XSOAR Professional to join its cybersecurity team.
• The ideal candidate will be a subject matter expert in the Palo Alto Networks Cortex XSOAR platform, responsible for designing, developing, and deploying security orchestration, automation, and response (SOAR) solutions.
• This role requires a strong background in scripting, API integration, and a deep understanding of security operations center (SOC) workflows.
• The successful candidate will play a key role in enhancing our security posture by automating incident response, improving efficiency, and integrating various security tools to create a cohesive and automated security ecosystem.
• This is a critical position for someone who is passionate about cybersecurity and leveraging automation to solve complex security challenges.

QUALIFCATIONS:
Top 3 Required Skills/Experience:

1. Cortex XSOAR Expertise:
   1. Extensive experience in designing, developing, and deploying Cortex XSOAR playbooks
   2. A deep understanding of XSOAR context data structures, incident layouts, and war rooms is essential.
   3. The ability to debug, optimize, and maintain playbooks for performance and reliability is a core requirement.
2. Scripting and Integration Proficiency:
   1. Proven proficiency in Python is mandatory.
   2. This role requires experience working with REST and other APIs to integrate XSOAR with a wide range of security tools and platforms.
   3. The ability to troubleshoot complex API/integration issues and build custom integrations when off-the-shelf solutions are not available is critical.
3. Automation of SOC Workflows:
   1. Hands-on experience in automating and orchestrating SOC workflows.
   2. This includes a strong command of incident triage, enrichment, and remediation use cases, such as phishing response, endpoint isolation, threat intelligence, and vulnerability management.
   3. The candidate must be skilled in identifying security or workflow gaps and designing modular, scalable automation solutions to address them.

Preferred Skills/Experience:

• Experience in integrating SOAR platforms with Splunk and other security tools to enhance incident response capabilities
• Experience connecting XSOAR with a variety of security tools, including Splunk, CrowdStrike, and email security solutions (Proofpoint)
• Knowledge of other scripting languages beyond Python
• Strong understanding of general cybersecurity principles and SOC operations
• Experience building custom dashboards and reports within the XSOAR platform
• Excellent soft skills, including strong communication, the ability to translate stakeholder requirements into technical solutions, and robust documentation skills

Education/Certifications Include:
Preferred but not required:

• Bachelor's degree in Cyber Security, Computer Science, or related field

OpTech is an equal opportunity employer and is committed to creating a diverse environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, status as a parent, disability, age, veteran status, or other characteristics as defined by federal, state or local laws.