CMS-Senior-XSOAR
- Thiruvananthapuram, Kerala
- Permanent
- Full-time
- Excellent teamwork skills, with the passion and drive to succeed and to combat cyber threats.
- Working with the customer to identify security automation strategies and provide creative integrations and playbooks.
- Work collaboratively with other team members to find creative and practical solutions to customers' challenges and needs.
- Design, build, and optimize Cortex XSOAR playbooks, integrations, and automation.
- Work closely with SOC analysts to understand operational challenges and convert them into automated workflows.
- Develop and maintain Python-based scripts to support custom integrations.
- Integrate SIEM, endpoint, cloud, network, and threat intel tools with XSOAR.
- Troubleshoot and resolve SOAR-related issues, ensuring platform stability and performance.
- Optimize incident response processes through orchestration and automation.
- Collaborate with security engineers, threat hunters, and incident responders to improve detection and response capabilities.
- Create and maintain documentation for playbooks, use cases, and integrations.
- Train SOC analysts on XSOAR capabilities and best practices.
- Participate in continuous improvement of security operations and automation strategy.
- Management and administration of the Cortex XSOAR platform.
- Developing custom scripts and playbooks to automate repetitive tasks and response actions.
- Experienced developer with at least 2+ years of experience using the Python programming language, REST APIs and JSON. Must have basic SQL knowledge.
- Knowledge of Incident Response and Threat Intelligence tools.
- Should have worked in a security operations center and gained an understanding of SIEM solutions such as Splunk, Microsoft Sentinel and other log management platforms. Experience in Splunk content development will be an added advantage.
- Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers.
- Good grasp of conceptualizing and/or implementing automation for business process workflows.
- Knowledge of network monitoring technology platforms such as Fidelis XPS or others.
- Knowledge of endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others.
- Should be able to assist, support and mitigate production issues.
- Should have the capability to work with partners and client stakeholders to fulfill their requests.
- Ability to coordinate with vendors through to incident closure according to the severity.
- Review, assess, benchmark and develop issue remediation action plans for all aspects of an engagement.
- Minimum of 3+ years' experience in cyber security, with a depth of network architecture knowledge that will translate to deploying and integrating the Cortex XSOAR solution in global enterprise environments.
- Experience working with ServiceNow SOAR is also an added advantage.
- Strong oral, written and listening skills are an essential component to effective consulting.
- Strong background in network administration. Ability to work at all layers of the OSI model, including being able to explain communication at any layer, is necessary.
- Should have strong hands-on experience with scripting and integration technologies such as Python, REST, JSON, SOAP, ODBC, XML, etc.
- Must have an honours degree in a technical field such as computer science, mathematics, engineering or a similar field.
- Minimum 2 years of working with Cortex XSOAR.
- Experience in process development, process improvement, process architecture, and training.
- Quick to learn and adapt to new applications.
- Knowledgeable in cybersecurity and incident response management.
- Certification in Splunk will be an added advantage.
- Certifications in a core security related discipline will be an added advantage.