[Remote] XSIAM Consultant - Automation

Note: The job is a remote job and is open to candidates in USA. Entelligence is seeking an XSIAM Automation Consultant to support enterprise clients. The role involves providing guidance and technical expertise in implementing advanced security automation and orchestration solutions while collaborating closely with client security teams to design and optimize automation workflows.

Responsibilities

• Lead security automation technical implementations in customer environments, designing and delivering complex playbook architectures and custom integrations
• Translate business and operational requirements into scalable, automated security workflows
• Analyze manual SOC processes and engineer them into automated, standardized playbooks with proper error handling and modularity
• Develop and maintain custom integrations using Python to connect XSIAM with third-party security tools and internal systems
• Design automation roadmaps with customers; establish success metrics and KPIs for measuring automation impact
• Prepare technical documentation including architecture diagrams, playbook design specifications, runbooks, and operational procedures
• Conduct technical workshops and knowledge transfer sessions to enable customer teams to manage and expand automation capabilities independently
• Manage multiple concurrent client engagements; prioritize effectively and maintain delivery quality across accounts
• Communicate effectively at all organizational levels—from SOC analysts and security engineers to CISOs and executive leadership
• Engage with the account team to ensure alignment on customer business and technical requirements through active client engagement

Skills

• 4+ years of hands-on experience in security operations, SOAR automation, or security engineering
• Proven experience building playbooks and managing integrations within the Cortex XSOAR or XSIAM ecosystem
• Strong Python proficiency for security tool development, custom integrations, and automation scripting
• Deep understanding of incident response cycles, SOC workflows, and security operations processes
• Demonstrated experience in a consulting, professional services, or customer-facing delivery role with ability to manage multiple concurrent engagements with minimal oversight
• Detailed experience in the installation, configuration, operation, and documentation of security solutions
• Experience working in a Security Operations Center (SOC) and documenting operational workflows
• Excellent written and verbal communication skills; confirmed ability to present technical concepts to senior leaders and technical peers
• Some understanding of Linux and network troubleshooting analysis
• XSIAM-specific experience including unified data model, correlation rules, collectors, and parsers
• Experience with additional SOAR platforms (Phantom, Swimlane, Splunk SOAR) demonstrating platform-agnostic automation thinking
• Detection engineering experience with MITRE ATT&CK mapping and use case development
• Prior experience at a Palo Alto Networks partner, VAR, or MSP
• Palo Alto Networks certifications (PCNSE, PCDRA, or XSOAR/XSIAM specialist credentials)
• Extensive experience working with security tool APIs (REST, JSON, OAuth)
• Experience with CI/CD for SOAR content, version control, and automated testing of playbooks
• Previous experience with STIGs, RMF, NIST publications, and/or SCAP
• Security certifications: GCIA, CISSP, CEH, or Security+

Benefits

• Medical, dental, vision, and life insurance
• Health Savings Account (HSA) option
• Flexible Spending Accounts (FSA)
• 401(k) plan
• Vacation, sick time, and paid holidays

Company Overview

Company H1B Sponsorship