Client & Project: We are seeking new talent to join the Security team, where you will have the opportunity to collaborate on the project.
The client is Sempra Infrastructure, a company that focuses on providing energy services and solutions to meet the needs of its customers while promoting sustainable practices.
Responsibilities: We are looking for an experienced XSOAR Engineer to design, develop, and maintain automation workflows and integrations that enhance our security operations capabilities.
The ideal candidate will have hands-on experience with Palo Alto Cortex XSOAR, solid knowledge of SOC processes, and the ability to translate security requirements into automated playbooks.
This role will work closely with security analysts, incident responders, and engineering teams to improve operational efficiency, reduce response times, and ensure effective incident handling.
Key Responsibilities:
- Design, develop, and maintain XSOAR playbooks, integrations, and automations to support SOC operations and incident response workflows.
- Collaborate with SOC analysts to gather requirements, identify automation opportunities, and translate them into actionable solutions.
- Optimize and troubleshoot existing playbooks, ensuring accuracy, reliability, and scalability.
- Integrate XSOAR with various security tools (SIEM, EDR, threat intelligence platforms, ticketing systems, etc.).
- Maintain documentation for playbooks, integrations, and automation processes.
- Conduct testing and validation of automation workflows before deployment.
- Provide training and knowledge transfer to SOC staff on the usage and capabilities of XSOAR solutions.
- Participate in post-incident reviews to identify further automation opportunities.

Basic understanding of Security Information and Event Management (SIEM) and SOAR concepts.
Familiarity with Palo Alto Cortex XSOAR (or similar automation/orchestration platforms).
Ability to create, modify, and troubleshoot automation playbooks using Python, YAML, or JavaScript.
Knowledge of incident response processes (triage, investigation, escalation).
Basic scripting/programming experience (Python preferred).
Understanding of APIs (REST/SOAP) and how they integrate with SOAR platforms.
Familiarity with common security tools and integrations (EDR, firewalls, email security, threat intel feeds, SIEMs like Splunk).
📌 Xsoar Consultant
🏢 Accenture
📍 Xico