XSOAR Engineer (Security Automation Engineer)

Job Description

Overview

CTG is seeking to fill an XSOAR Engineer (Security Automation Engineer) opening for our client.

Location: Remote in Atlanta/Raleigh/Charlotte
Duration: Ongoing Contract

Job Summary: We are seeking a highly skilled and motivated XSOAR Engineer to join our Security Operations team. The ideal candidate will have strong experience in Palo Alto Cortex XSOAR (formerly Demisto), with a focus on building and maintaining security automations and playbooks. The XSOAR Engineer will be responsible for developing, deploying, and optimizing automation workflows to improve the efficiency and effectiveness of our SOC operations.

Key Responsibilities:

  • Design, develop, and maintain custom playbooks and integrations in Cortex XSOAR.

  • Automate manual SOC tasks and incident response workflows using Python and REST APIs.

  • Integrate XSOAR with various security tools such as SIEMs, EDRs, firewalls, and ticketing systems (e.g., Splunk, CrowdStrike, ServiceNow).

  • Collaborate with SOC analysts, threat hunters, and incident responders to identify automation opportunities.

  • Continuously improve automation coverage, efficiency, and reliability of the XSOAR platform.

  • Maintain and optimize data ingestion, correlation, and enrichment processes.

  • Troubleshoot and resolve issues related to automation scripts, integrations, and playbooks.

  • Document automation workflows, integration processes, and standard operating procedures.

  • Stay up to date on new features and best practices in XSOAR and other security automation technologies.

Skills:

  • Proficiency in Python scripting for automation tasks.

  • Experience with REST APIs, JSON, and webhooks.

  • Familiarity with security tools and protocols (e.g., SIEM, EDR, IDS/IPS, MITRE ATT&CK).

  • Strong understanding of incident response, SOC workflows, and security operations.

  • Excellent problem-solving and communication skills.

  • Strong collaboration and teamwork abilities.

  • Experience in troubleshooting and resolving automation-related issues.

Experience:

  • 7+ years of experience working with Palo Alto Cortex XSOAR or similar SOAR platforms.

  • Demonstrated experience in developing and maintaining custom playbooks, automating workflows, and integrating security tools.

  • Experience working in a Security Operations Center (SOC) environment or with security automation tools.

Education:

  • Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent work experience.

Qualifications:

Required:

  • 7+ years of experience working with Palo Alto Cortex XSOAR or similar SOAR platforms.

  • Proficient in Python scripting for automation tasks.

  • Experience with REST APIs, JSON, and webhooks.

  • Familiarity with security tools and protocols (e.g., SIEM, EDR, IDS/IPS, MITRE ATT&CK).

  • Strong understanding of incident response, SOC workflows, and security operations.

  • Excellent problem-solving and communication skills.

:

  • Experience integrating XSOAR with platforms like Splunk, Microsoft 365 Defender, CrowdStrike, Okta, and ServiceNow.

  • Knowledge of Docker and Linux-based systems.

  • Experience in Agile environments and with CI/CD pipelines.

  • Palo Alto Networks certifications (e.g., PCCSA, PCSAE) are a plus.

Excellent verbal and written English communication skills and the ability to interact professionally with a diverse group are required.

CTG does not accept unsolicited resumes from headhunters, recruitment agencies, or -based recruitment services for this role.

To Apply:
To be considered, please apply directly to this requisition using the link provided. For additional information, please contact Laura Dominguez at Laura.Dominguez@ctg.com. Kindly forward this to any other interested parties. Thank you!

The expected base salary for this position ranges from $105,000 to $115,000 annually. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, market factors, and where applicable, licensure or certifications obtained. In addition to salary, a competitive benefit package is also offered.

XSOAR Engineer (Security Automation Engineer)

Atlanta, GA
Full time

Published on 04/06/2025