1

Xsoar Engineer Jobs (NOW HIRING)

Analyst

Cleveland, OH · On-site

$100K - $120K/yr

Hands-on experience with Palo Alto XSOAR and/or XSIAM, including playbook development, integrations, and automation. * Strong understanding of SOC operations, detection engineering, and incident ...

Senior Network Security Engineer

Baton Rouge, LA · On-site

$56.25 - $73.50/hr

Role: Senior Network Security Engineer Location : Baton Rouge, LA (On-site) Duration: Long Term ... XSoar and CorTex Management * External Dynamic List Management * Indicators of Compromise and ...

... SOAR, XSOAR, Swimlane , or similar. * 3+ years in cyber data engineering or analytics: log processing, enrichment, and telemetry pipelines. * Expertise in scripting languages like Python and ...

Sr. Torq/SOAR Engineer

Falls Church, VA · On-site

$140K - $190K/yr

The Sr. TORQ/SOAR Engineer serves as a technical leader and trusted authority for Security ... Stay current on competing SOAR technologies (e.g., Palo Alto Cortex XSOAR, Splunk SOAR, Siemplify ...

Sr. DevSecOps Engineer

San Diego, CA

$121K - $166K/yr

Overview SR. DEVSECOPS ENGINEER (PACMED): Bowhead seeks a Sr. DevSecOps Engineer to support in ... XSOAR or Splunk SOAR acceptable) * Container security experience (RapidFort, Anchore, Trivy, Aqua ...

next page

Showing results 1-20

Xsoar Engineer information

What are the key skills and qualifications needed to thrive as an XSOAR Engineer, and why are they important?

To thrive as an XSOAR Engineer, you need expertise in cybersecurity, scripting (such as Python), and incident response, usually supported by a degree in computer science or a related field. Familiarity with Palo Alto Cortex XSOAR, SIEM platforms, and relevant certifications like Palo Alto Networks Certified Security Automation Engineer (PCSAE) is essential. Strong problem-solving skills, attention to detail, and effective communication set top performers apart in this role. These skills and qualifications are vital for efficiently automating security operations and improving an organization's incident response capabilities.

What is an XSOAR Engineer?

An XSOAR Engineer is a cybersecurity professional who specializes in deploying, configuring, and maintaining Palo Alto Networks Cortex XSOAR (Extended Security Orchestration, Automation, and Response) platforms. Their main responsibilities include automating security operations, integrating threat intelligence, and developing playbooks to streamline incident response. XSOAR Engineers work closely with security teams to improve efficiency and reduce response times to cyber threats. They require strong knowledge of security operations, scripting, and integrating various security tools and APIs. This role is crucial in modern security operations centers (SOCs) to enhance automation and coordination of security processes.

What are some common challenges XSOAR Engineers face when integrating new security tools into an existing SOAR platform?

XSOAR Engineers often encounter challenges when integrating new security tools due to differences in APIs, data formats, and authentication methods. Ensuring seamless communication between platforms requires strong troubleshooting skills and an in-depth understanding of both the SOAR platform and the third-party tool. Additionally, engineers must carefully map data fields and develop custom scripts when out-of-the-box integrations are not available. Collaboration with security analysts and vendors is essential to address compatibility issues and maintain effective automation workflows.

What is the difference between Xsoar Engineer vs Cortex XSOAR Specialist?

AspectXsoar EngineerCortex XSOAR Specialist
CertificationsRelevant security and cloud certifications, such as Palo Alto Networks certificationsSame certifications, often including Palo Alto Networks certifications
Work EnvironmentSecurity teams, cybersecurity firms, IT departmentsSecurity operations centers, cybersecurity consulting firms
Industry UsageUsed across industries for security automation and orchestrationPrimarily in cybersecurity and threat management sectors
Job FocusDesign, develop, and maintain Xsoar integrations and automationImplement, optimize, and manage Cortex XSOAR platforms and playbooks

Both roles focus on security automation with Cortex XSOAR, but Xsoar Engineers typically develop and maintain integrations, while Cortex XSOAR Specialists focus on platform deployment and management. The roles often overlap, especially in organizations using Cortex XSOAR for security operations.

More about Xsoar Engineer jobs
What cities are hiring for Xsoar Engineer jobs? Cities with the most Xsoar Engineer job openings:
What states have the most Xsoar Engineer jobs? States with the most job openings for Xsoar Engineer jobs include:

Workflow Automation Engineer

Foreign Resource Development Associates

Nashville, TN • On-site

Full-time

Posted 22 days ago


Job description

Description:

Position Summary:

FRDA is looking for a Workflow Automation Engineer to design, build, and optimize automated processes across our security and IT ecosystem. This role focuses on reducing manual effort, improving response times, and ensuring consistent, scalable execution of critical workflows.


This role is ideal for someone looking to have a positive impact on security processes and work with a driven, multi-disciplined team.


This role is onsite in Nashville, TN.


Primary Duties and Responsibilities:

  • Design and implement automated workflows for security and IT operations, including incident response, vulnerability management, and identity lifecycle processes.
  • Integrate systems and tools (e.g., SIEM, EDR, IAM, ticketing platforms, cloud services) using APIs and webhooks.
  • Develop and maintain automation scripts and services primarily in Python or similar languages.
  • Build and manage orchestration within Security Orchestration, Automation, and Response (SOAR) platforms or workflow engines.
  • Ensure workflows, such as logging, monitoring, and alerting, are reliable, scalable, and observable.
  • Collaborate with security and operations teams to translate manual processes into automation.
  • Maintain version control, testing, and deployment pipelines for automation assets.
  • Continuously improve workflows based on incident reviews and operational feedback.
Requirements:

Minimum Qualifications:

  • A minimum of three (3) years of experience in automation, security engineering, DevOps, or related roles.
  • Strong scripting or programming skills (Python preferred).
  • Experience integrating systems via APIs and working with distributed systems.
  • Familiarity with cybersecurity technologies and frameworks such as Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), and Identity and Access Management (IAM).
  • Understanding of security or IT operational processes.
  • Experience with cloud platforms such as AWS, Azure, or GCP.


Preferred Qualifications:

  • Experience with SOAR platforms (e.g., Cortex XSOAR, Splunk SOAR, and Torq).
  • Knowledge of Infrastructure as Code practices such as Terraform.
  • Familiarity with modeling, detection and prevention concepts such as MITRE ATT&CK.
  • Experience working in regulated or compliance-driven environments.