Role & Responsibilities:
SOAR Implementation and Management
- Design, develop, and maintain SOAR playbooks and integrations using Cortex XSOAR.
- Implement and manage security automation workflows to enhance incident response and streamline security operations.
- Work closely with cross-functional teams to identify opportunities for automation in detecting, triaging, and responding to security incidents.
- Assist in the investigation and resolution of security incidents, leveraging automated tools and technologies.
- Integrate SOAR platforms with existing security tools, including SIEM, EDR, firewalls and threat intelligence platforms, for seamless security orchestration.
- Create custom SOAR integrations and scripts using APIs for various functions.
- Experience in SOAR version upgrades and integration upgrades.
- Provide training and support to team members on the use of SOAR and automation tools.
- Maintain comprehensive documentation of automation processes, playbooks, and integration points.
Automation Development
- Utilize Automation Anywhere to develop and deploy automated processes across various security functions.
- Create and maintain automation scripts and bots to reduce manual effort and improve response time.
Technical Experience:
- 4-5 years of experience in cybersecurity with a focus on security automation.
- Proven experience with Cortex XSOAR and Automation Anywhere.
- Good understanding of cybersecurity concepts, including incident response and vulnerability management.
- Proficiency in scripting languages such as Python or PowerShell.
- Experience with security tools and technologies such as SIEM, EDR and firewalls.
Soft Skills:
- Excellent problem-solving and analytical skills.
- Strong communication and collaboration abilities.
- Ability to work in a fast-paced environment and manage multiple priorities.
Certifications:
- Relevant certifications related to Automation Anywhere and Cortex XSOAR or cyber functions will be a plus.