Senior security automation engineer

• Playbook Engineering: Design and implement end-to-end automation playbooks in Cortex XSIAM using both out-of-the-box integrations and custom Python scripts.
• Workflow Optimization: Audit existing manual processes and "code-ify" them to reduce Mean Time to Respond (MTTR) and eliminate analyst fatigue.
• Platform Mastery: Manage the XSIAM environment, including data ingestion, XQL (Xalt Query Language) development, and alert tuning.
• API Integration: Build custom integrations between XSIAM and third-party tools (EDR, Firewall, IAM, AWS) where native connectors may fall short.
• Continuous Improvement: Monitor playbook performance and "auto-remediate" common false positives to ensure the SOC focuses only on high-fidelity threats.
• Experience is integrating Automation scripts and doing regressive testing for low error rates for tasks.

• Expert-level Cortex XSIAM/XSOAR: Proven track record of building complex, multi-stage playbooks (loops, conditional logic, and sub-playbooks).
• Advanced Scripting: Proficiency in Python and PowerShell is mandatory for custom task creation.
• XQL Proficiency: Ability to write complex queries for data correlation and dashboarding.
• Security Context: Deep understanding of the MITRE ATT&CK framework and common incident response lifecycles (Phishing, Malware, Brute Force, etc.)
• Integration Experience: Experience working with REST APIs and JSON/XML data structures

MM Staffing & Career Consultants