We are looking for a skilled XDR / SOAR Security Engineer with hands-on experience in modern security operations technologies to support and enhance our client's cybersecurity environment. The ideal candidate will have practical expertise in Extended Detection & Response (XDR), Security Orchestration, Automation & Response (SOAR), and Palo Alto security solutions, enabling proactive threat detection, efficient incident response, and continuous security improvement.
This role is best suited for professionals with solid operational experience in SOC environments who are passionate about threat investigation, automation, and improving security monitoring capabilities.
Key Responsibilities
- Deploy, configure, and manage XDR platforms (preferably Palo Alto Cortex XDR) to detect and respond to advanced threats.
- Design, develop, and maintain SOAR playbooks to automate incident response workflows.
- Monitor and analyze security alerts, logs, and incidents, ensuring timely investigation and resolution.
- Integrate security platforms such as SIEM, EDR, firewalls, and threat intelligence sources.
- Conduct threat hunting activities and perform detailed root cause analysis for security incidents.
- Configure and manage Palo Alto Next-Generation Firewalls (NGFW) including policies, NAT, VPN, and security profiles.
- Manage and optimize URL filtering, threat prevention, and security subscriptions.
- Continuously improve detection rules and playbooks to minimize false positives and enhance SOC efficiency.
- Provide L2/L3 security operations support for incident handling and troubleshooting.
- Prepare technical documentation, incident reports, and security analysis summaries.
- Collaborate with SOC teams, network engineers, and IT teams to strengthen the organization's overall security posture.
Required Qualifications
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- 3–5 years of hands-on experience in cybersecurity operations or security engineering roles.
- Strong experience with:
  - XDR platforms (preferably Palo Alto Cortex XDR)
  - SOAR platforms (Cortex XSOAR or equivalent)
  - Palo Alto Next-Generation Firewalls (NGFW)
- Good understanding of network security fundamentals, including:
  - TCP/IP
  - DNS
  - HTTP/HTTPS
  - SSL/TLS
- Experience working with SIEM tools and security monitoring platforms.
- Knowledge of the MITRE ATT&CK framework and the incident response lifecycle.
- Experience in log analysis, threat investigation, and malware analysis fundamentals.
- Strong analytical and troubleshooting skills.
Preferred Certifications
Candidates holding any of the following certifications will be highly regarded:
- Palo Alto PCNSE
- Palo Alto Cortex certifications
- CEH (Certified Ethical Hacker)
- CompTIA Security+
- GCIH (GIAC Certified Incident Handler)
- CISSP (considered an advantage)
Key Competencies
- Strong communication and documentation skills.
- Ability to operate effectively in a Security Operations Center (SOC) environment.
- Strong problem-solving and analytical thinking.
- Ability to work collaboratively with cross-functional technical teams.
- Detail-oriented with a proactive approach to security monitoring and incident management.