
Remote Xsoar Jobs in Pennsylvania (NOW HIRING)

Remote Xsoar information

What are the key skills and qualifications needed to thrive as a Remote XSOAR Analyst, and why are they important?

To thrive as a Remote XSOAR Analyst, you need expertise in cybersecurity principles, incident response, and automation scripting, often supported by a degree in computer science or a related field. Familiarity with Palo Alto Networks Cortex XSOAR and SIEM platforms is typically required, and certifications such as CISSP or Security+ are commonly requested. Strong analytical thinking, effective communication, and the ability to work independently are crucial soft skills in this role. These skills ensure timely threat response, efficient automation of security processes, and clear collaboration with global teams in a remote environment.

How does a Remote XSOAR professional typically collaborate with security teams across different locations?

As a Remote XSOAR (Cortex XSOAR) professional, you’ll often work closely with security analysts, incident responders, and IT staff who may be distributed globally. Collaboration is typically managed through digital communication platforms, regular virtual meetings, and workflow automation within the XSOAR platform itself. You’ll be responsible for building and maintaining playbooks that integrate with other teams’ processes, ensuring all stakeholders are aligned on incident response procedures. Effective communication and documentation are key to overcoming the challenges of remote collaboration and ensuring timely, coordinated responses to security incidents.

What is a Remote XSOAR role?

A Remote XSOAR role involves working with Palo Alto Networks Cortex XSOAR, a security orchestration, automation, and response (SOAR) platform, from a remote location. Professionals in this role are responsible for designing, implementing, and managing automated security workflows to improve incident response efficiency. They collaborate with security teams to integrate various tools and systems, create playbooks, and ensure seamless threat detection and response, all while working outside the traditional office environment. Strong knowledge of cybersecurity concepts, scripting, and familiarity with XSOAR are essential for success in this position.
[Infographic: Remote XSOAR job openings in Pennsylvania as of May 2026; employment type 100% full-time, 100% remote.]
Security Operations Center (SOC) Analyst

viLogics

Ebensburg, PA • On-site, Remote

Full-time

Posted 6 days ago

Job description

Position Overview:

As a SOC Analyst at viLogics, you are a front-line cyber defender operating within the Total Secure Office 365 (TSO 365) framework, our fully managed cybersecurity and IT services platform. In this MSSP (Managed Security Services Provider) environment, you will work alongside elite engineers to deliver continuous threat detection, incident response, and risk mitigation for our clients, across industries ranging from healthcare and education to manufacturing and state/local government.

This role requires deep analytical skills, collaborative instincts, and operational fluency in cloud, hybrid, and on-prem environments. Analysts must be comfortable supporting viLogics' proprietary FastTrack Cybersecurity Model, which includes fully integrated MDR/XDR, SIEM, SASE, PAM, and secure backup platforms.

Core Responsibilities:

Security Monitoring & Threat Detection

  • Monitor endpoints, servers, SaaS platforms (e.g., M365), and cloud workloads via viLogics' integrated MDR/XDR platform.
  • Analyze events from viLogics' SIEM/SOAR environment and escalate based on criticality and defined workflows.
  • Apply threat intelligence feeds, MITRE ATT&CK mapping, and behavioral analytics to detect advanced persistent threats (APTs), ransomware, and zero-day exploitation.

Incident Triage & Response

  • Lead real-time response to Tier 1 and Tier 2 security events using viLogics' TSO toolkits, including playbook-driven SOAR workflows.
  • Document incident reports with impact assessments and recommended mitigations; coordinate remediation with client IT teams or viLogics' Helpdesk.
  • Participate in post-incident reviews, ensuring lessons learned are documented and improvements applied to IR playbooks.

Operational Excellence & Automation

  • Tune correlation rules, detection logic, and alert thresholds to align with client risk profiles and compliance requirements (HIPAA, CMMC, PCI, etc.).
  • Recommend improvements for automated containment workflows (quarantining hosts, revoking credentials, etc.).
  • Assist with purple team exercises and tabletop simulations facilitated under viLogics' cyber readiness engagements.

Client-Facing Collaboration

  • Participate in monthly client briefings to review detected threats, trends, and security posture improvements.
  • Translate complex technical findings into executive-level insights during client calls and compliance audits.
  • Provide risk prioritization to clients leveraging viLogics' Cyber Exposure Index and SaaS Alert integrations.

Toolsets You'll Work With:

  • SIEM/SOAR: viLogics Internal SIEM/SOAR, Microsoft Sentinel, Splunk, LogRhythm, Cortex XSOAR
  • EDR/XDR/MDR: viLogics EDR, SentinelOne, Defender for Endpoint, Huntress, CrowdStrike (client-dependent)
  • IAM/PAM: ThreatLocker, Microsoft Entra ID (Azure AD), Duo
  • Network Security: DNS filtering, ZTNA, SASE (Netskope, Prisma Access)
  • Backup & DR: Veeam, Zerto, Rubrik, air-gapped immutable storage
  • Compliance Integrations: CIS Controls v8, NIST SP 800-171, HIPAA, CMMC 2.0, PCI DSS

Required Qualifications:

  • 1-3 years in a SOC, MSSP, or threat analyst role
  • Strong understanding of TCP/IP, DNS, HTTP/HTTPS, and log analysis
  • Familiarity with MITRE ATT&CK, threat intelligence platforms, and TTP correlation
  • Hands-on experience with at least one SIEM, one EDR/XDR platform, and identity protection tools
  • Solid knowledge of Microsoft 365 workloads, including Defender for Office, Teams, OneDrive, and SharePoint

Preferred Certifications:

  • CompTIA Security+ or CySA+
  • Microsoft SC-200: Security Operations Analyst
  • GIAC Certified Detection Analyst (GCDA)
  • EC-Council CSA / CEH
  • Kaseya One certifications
  • SentinelOne or CrowdStrike analyst certifications

What Sets This Role Apart at viLogics:

  • Work inside a Tier-3, SOC 2 certified data center
  • Help clients qualify for $1.5M+ in bundled cybersecurity insurance
  • Operate in a Zero Trust Architecture (ZTA) environment with integrated SASE, SD-WAN, and PAM
  • Be part of a team that blends ITIL-based service delivery with cyber warfare-level response protocols

Career Trajectory:

  • Tier 2 / Tier 3 SOC Analyst
  • Cyber Threat Hunter
  • vCISO or Compliance Officer
  • DFIR Specialist or Security Engineer
  • TSO 365 Platform Architect

Work Environment:

  • Fully remote with optional travel to client locations or viLogics Data Centers
  • Rotational 24/7 coverage schedule with premium for overnight/weekend shifts
  • Collaborative, fast-paced security operations team focused on measurable impact and client security maturity