Application Programming Interface (API), Asset Management, Automation, Automation Engineering, Health Plan, Information Technology Consulting, Information/Data Security (InfoSec), Internet Security, Performance Analysis, Risk, Risk Management, Risk Modeling, Scorecarding, Security Information and Event Management (SIEM), Software as a Service (SaaS), Splunk, Telemetry, Threat Modeling, Vendor/Supplier Evaluation, Workload Automation
Our client, an IT Services and Consulting company, is looking for a Cybersecurity Automation Engineer – Cortex XSOAR (Palo Alto SOAR) for their Atlanta, GA location.
Responsibilities:
- The Cybersecurity Automation Engineer will design, build, and maintain integrations and automated workflows within our SOAR platform (Cortex XSOAR). This role will focus on ingesting and correlating data from third-party risk and security tools (e.g., Archer, Security Scorecard, Splunk), enabling alerting for vendor-related threats, and executing automated response playbooks to reduce risk and response time.
- Other responsibilities include:
SOAR Engineering & Integrations
- Design, build, and maintain integrations between XSOAR and platforms such as Archer (or other GRC tools), Security Scorecard (or similar vendor risk tools), and SIEM solutions such as Splunk.
- Develop custom connectors and API-based integrations where native connectors do not exist.
- Normalize, enrich, and correlate data from third-party and external risk sources for operational use.
Third-Party Risk Alerting
- Build alerting logic for vendor-related threats including vendor breaches, risk score degradation, SaaS abuse, and exposure of vendor-managed assets.
- Correlate vendor risk signals with internal telemetry to determine potential business impact.
- Enable SOC workflows for third-party-related detections.
Automation & Playbooks
- Design and implement SOAR playbooks to triage, enrich, and respond to vendor-related alerts.
- Automate response actions such as token revocation, access suspension, ticket creation, and stakeholder notification.
- Maintain and optimize playbooks to reduce manual effort and mean time to respond (MTTR).
Operational Collaboration
- Partner with SOC, Vendor Risk, Threat Modeling, and Detection Engineering teams to translate risk scenarios into automation logic.
- Document integrations, workflows, and playbooks.
- Monitor performance and reliability of SOAR automations.
Requirements:
- Palo Alto XSOAR
- Automation Workflow
- Integration
- Years of Experience: 14.00
Skills:
- Category | Name | Required | Importance | Experience
- Custom Skills | Automic Workload Automation | Yes | 1
- Information Security | Cortex XSOAR | Yes | 1
Why Should You Apply?