Required Skills and Experience

• Candidates should have 7–8 years of experience in a SOC or cybersecurity operations role. They must possess strong hands-on expertise with Palo Alto Cortex XSOAR and Cortex XDR, along with a deep understanding of SOAR workflows, playbook design, and automation logic. A solid background in incident response, threat hunting, malware analysis, and security forensics is essential.
• Experience with security tools such as SIEM (e.g., Splunk, QRadar), EDR, IDS/IPS, firewalls, and threat intelligence platforms is required. Familiarity with scripting languages like Python and JavaScript for automation and integration tasks is expected. Candidates should be proficient in interpreting logs from firewalls, proxies, endpoints, servers, and cloud environments.
• Knowledge of the MITRE ATT&CK framework, NIST, and other security standards/frameworks is important. Strong analytical thinking, problem-solving, and communication skills are necessary. The role demands the ability to work in a high-pressure environment and handle multiple incidents concurrently.

Preferred Qualifications

• Certifications such as Palo Alto Networks Cortex XSOAR or XDR (e.g., PCSAE) are preferred. Additional security certifications like GCIA, GCIH, CEH, CISSP, or similar are advantageous.
• Experience working in a 24/7 SOC environment is desirable, as is exposure to cloud security monitoring across platforms like AWS, Azure, and GCP.