MM Management Consultant
Website: m3consultant.net
Job details:
Job Title: Senior Security Automation Engineer (Cortex XSIAM Expert)

Role Overview

We are seeking a heavyweight Cortex XSIAM & SOAR Expert to lead our automation initiative. Your primary mission is to transform our SOC from manual triaging to an automated powerhouse. The goal is clear: 80% automation of our existing playbook library. You will be responsible for designing, building, and refining complex workflows that integrate disparate security tools into a cohesive, automated response engine.

Key Responsibilities

● Playbook Engineering: Design and implement end-to-end automation playbooks in Cortex XSIAM using both out-of-the-box integrations and custom Python scripts.
● Workflow Optimization: Audit existing manual processes and "code-ify" them to reduce Mean Time to Respond (MTTR) and eliminate analyst fatigue.
● Platform Mastery: Manage the XSIAM environment, including data ingestion, XQL (Xalt Query Language) development, and alert tuning.
● API Integration: Build custom integrations between XSIAM and third-party tools (EDR, Firewall, IAM, AWS) where native connectors may fall short.
● Continuous Improvement: Monitor playbook performance and "auto-remediate" common false positives to ensure the SOC focuses only on high-fidelity threats.
● Experience in integrating automation scripts and performing regression testing to keep task error rates low.

Technical Qualifications

● Expert-level Cortex XSIAM/XSOAR: Proven track record of building complex, multi-stage playbooks (loops, conditional logic, and sub-playbooks).
● Advanced Scripting: Proficiency in Python and PowerShell is mandatory for custom task creation.
● XQL Proficiency: Ability to write complex queries for data correlation and dashboarding.
● Security Context: Deep understanding of the MITRE ATT&CK framework and common incident response lifecycles (Phishing, Malware, Brute Force, etc.).
● Integration Experience: Experience working with REST APIs and JSON/XML data structures.

The "80% Automator" Profile

We aren't looking for someone to just "tinker" with the UI. We need a strategist who can look at a manual SOP (Standard Operating Procedure) and identify the exact logic gates required to remove human intervention from the loop.