Job Description
We are looking for a talented and experienced automation developer who can leverage XSOAR, Python, and Splunk to create, maintain, and enhance our cybersecurity solutions. You will be working with a team of analysts, engineers, and architects to design, develop, and deploy automation workflows, scripts, and dashboards that improve our efficiency, effectiveness, and security posture.
Responsibilities
- Collaborate with stakeholders to understand, analyze, and refine Cortex XSOAR automation requirements specifications.
- Pull AD data into XSOAR playbooks and support process automation through complex calls into Splunk tables.
- Integrate Splunk with XSOAR for efficiency, i.e., reduce manual steps/workflows.
- Lead Knowledge Transfer sessions on general XSOAR development best practices.
Qualifications
- Bachelor's degree in Computer Science/Cybersecurity, Engineering, or related field, or equivalent work experience
- At least 3 years of experience in automation development using XSOAR, Python, and Splunk
- Strong knowledge of cybersecurity concepts, principles, and practices
- Proficient in Palo Alto Cortex XSOAR platform, Python programming, and Splunk query language
- Familiar with RESTful APIs, JSON, XML, and other data formats
- Experience with version control, testing, and debugging tools
- Excellent communication, collaboration, and problem-solving skills
- Certifications in XSOAR, Python, and Splunk are preferred
Brief Scope of Work:
- Utilizing Python or other coding languages to pull data from Active Directory into XSOAR playbooks.
- Related to the previous item, using XSOAR to make complex calls into Splunk tables for data enrichment to support process automation
- Integrating Splunk into XSOAR by deduplicating XSOAR raised alerts within a 72-hour period
- XSOAR threat intel enrichments to reduce manual workflows and increase analyst bandwidth
- Mentoring/shadowing engineers/staff at Abbott on general XSOAR development best practices