Tech Stack
Cyber Security, Python, Splunk
About the role
- Design, develop, and deploy Palo Alto Networks Cortex XSOAR playbooks and SOAR solutions.
- Automate incident response processes and orchestrate SOC workflows to improve efficiency and security posture.
- Integrate XSOAR with a wide range of security tools via REST and other APIs (examples: Splunk, CrowdStrike, Proofpoint).
- Debug, optimize, and maintain playbooks for performance and reliability.
- Implement use cases including phishing response, endpoint isolation, threat intelligence enrichment, and vulnerability management.
- Build custom integrations, dashboards, and reports within XSOAR when off-the-shelf solutions are not available.
- Collaborate with the cybersecurity team and stakeholders to translate requirements into technical automation solutions and documentation.
Requirements
- Cortex XSOAR Expertise: Extensive experience in designing, developing, and deploying Cortex XSOAR playbooks; deep understanding of XSOAR context data structures, incident layouts, and war rooms; ability to debug, optimize, and maintain playbooks for performance and reliability.
- Scripting and Integration Proficiency: Proven proficiency in Python (mandatory); experience working with REST and other APIs to integrate XSOAR with a wide range of security tools; ability to troubleshoot complex API/integration issues and build custom integrations.
- Automation of SOC Workflows: Hands-on experience automating and orchestrating SOC workflows, including incident triage, enrichment, and remediation use cases such as phishing response, endpoint isolation, threat intelligence, and vulnerability management.
- Experience integrating XSOAR with Splunk, CrowdStrike, and email security solutions such as Proofpoint to enhance incident response capabilities (preferred).
- Knowledge of other scripting languages beyond Python (preferred).
- Strong understanding of general cybersecurity principles and SOC operations (preferred).
- Experience building custom dashboards and reports within the XSOAR platform (preferred).
- Excellent communication, stakeholder translation, and documentation skills.
- Preferred but not required: Bachelor's degree in Cyber Security, Computer Science, or related field.