Cybersecurity Automation Engineer Cortex XSOAR (Palo Alto SOAR)

ICONMA, LLC

Atlanta, GA

JOB DETAILS
SALARY
$53.57 Per Hour
SKILLS
Application Programming Interface (API), Asset Management, Automation, Automation Engineering, Health Plan, Information Technology Consulting, Information/Data Security (InfoSec), Internet Security, Performance Analysis, Risk, Risk Management, Risk Modeling, Scorecarding, Security Information and Event Management (SIEM), Software as a Service (SaaS), Splunk, Telemetry, Threat Modeling, Vendor/Supplier Evaluation, Workload Automation
LOCATION
Atlanta, GA
POSTED
5 days ago

Our client, an IT Services and Consulting company, is looking for a Cybersecurity Automation Engineer – Cortex XSOAR (Palo Alto SOAR) for their Atlanta, GA location.
 
Responsibilities:

  • Cybersecurity Automation Engineer to design, build, and maintain integrations and automated workflows within our SOAR platform (Cortex XSOAR). This role will focus on ingesting and correlating data from third-party risk and security tools (e.g., Archer, Security Scorecard, Splunk), enabling alerting for vendor-related threats, and executing automated response playbooks to reduce risk and response time.
  • Other responsibilities include:
SOAR Engineering & Integrations
  • Design, build, and maintain integrations between XSOAR and platforms such as Archer (or other GRC tools), Security Scorecard (or similar vendor risk tools), and SIEM solutions such as Splunk.
  • Develop custom connectors and API-based integrations where native connectors do not exist.
  • Normalize, enrich, and correlate data from third-party and external risk sources for operational use.
Third-Party Risk Alerting
  • Build alerting logic for vendor-related threats including vendor breaches, risk score degradation, SaaS abuse, and exposure of vendor-managed assets.
  • Correlate vendor risk signals with internal telemetry to determine potential business impact.
  • Enable SOC workflows for third-party-related detections.
Automation & Playbooks
  • Design and implement SOAR playbooks to triage, enrich, and respond to vendor-related alerts.
  • Automate response actions such as token revocation, access suspension, ticket creation, and stakeholder notification.
  • Maintain and optimize playbooks to reduce manual effort and mean time to respond (MTTR).
Operational Collaboration
  • Partner with SOC, Vendor Risk, Threat Modeling, and Detection Engineering teams to translate risk scenarios into automation logic.
  • Document integrations, workflows, and playbooks.
  • Monitor performance and reliability of SOAR automations.
 
Requirements:
  • Palo Alto xSOAR
  • Automation Workflow
  • Integration
  • Years of Experience: 14.00
Skills: 
  Category              Name                          Required   Importance   Experience
  Custom Skills         Automic Workload Automation   Yes        1
  Information Security  Cortex XSOAR                  Yes        1
 
Why Should You Apply?

About the Company

ICONMA, LLC