SIEM/SOAR Specialist – XSOAR & Operations (RARR Job 5387)

We are hiring a SIEM/SOAR Specialist with strong expertise in XSOAR implementation, playbook development, and end-to-end security operations to enhance threat detection, response automation, and customer onboarding.

Key Responsibilities:

• Implement and administer SIEM/SOAR platforms with focus on XSOAR.

• Develop and troubleshoot playbooks; integrate third-party tools (SIEM, Email, ITSM).

• Monitor security events 24x7 and escalate incidents per SLAs and runbooks.

• Automate threat response using scripting (Python/Shell).

• Handle malware analysis, threat modeling, and use case creation.

• Onboard new customers – from host build to tenant setup.

• Assist in platform upgrades, testing, and configuration.

Mandatory Skills:

• SOAR Tools: XSOAR

• SIEM Tools: Splunk, QRadar, Securonix, Blusapphire

• Network Security: Next-Gen Firewalls, NAC, ZTNA, APT, IPS/IDS

• Endpoint Security: CrowdStrike, Symantec, Trellix, Trend Micro

• Firewalls: Palo Alto, Cisco ASA, CheckPoint, Fortinet

• SASE/Proxy: Zscaler, Prisma, NetSkope

• Other: Cisco Umbrella, Cisco ISE, HP Aruba, ForeScout, Threat Intel Feeds

• Skills in Architecture, Compliance Evaluation, Capacity Planning, Integration, SOC Operations