XSIAM Detection & Automation Engineer

Role: XSIAM Detection and Automation Engineer

Experience

Required:

8+ Years (Preferred)
Must-Have

Skills:

Direct hands‑on experience with Cortex XSIAM and Cortex XSOAR

• Support and sustain day‑to‑day operations within Cortex XSOAR and Cortex XSIAM environments.
• Handle tuning requests, bug fixes, and enhancement requests for:
  • Playbooks
  • Automations
  • Python scripts
  • Correlation rules
  • Dashboards
  • Reports
• Manage incoming requests from Service Now and track work through Jira backlogs/Kanban boards.
• Develop, maintain, and optimize security detection content and automation workflows.
• Update and maintain data source parsing rules using regular expressions (Regex).
• Create and manage XDM (Extended Data Model) mappings for new data sources that do not have existing data models.
• Troubleshoot and resolve issues related to detections, automations, integrations, and data ingestion.
• Collaborate with security operations teams to improve detection coverage and response efficiency.
• Ensure security content remains aligned with evolving threat landscapes and operational requirements.

• Strong hands‑on experience with:
  • Cortex XSIAM
  • Cortex XSOAR
• Expertise in developing and maintaining:
  • Correlation Rules
  • Playbooks
  • Automation Rules
  • Dashboards
  • Reports
  • Custom Integrations
• Proficiency in Python scripting for automation and workflow development.
• Experience with log parsing and data normalization using Regex.
• Knowledge of XDM (Extended Data Model) creation and maintenance.
• Experience with Service Now ticketing workflows.
• Familiarity with Jira for backlog and task management.