Cyber Detection & Automation Engineer (XSOAR to XSIAM Migration Execution)

5 days ago

To Apply for this Job Click Here

Job Summary:
This role exists to execute a large-scale migration of security automation and orchestration content from Cortex XSOAR to Cortex XSIAM as part of our banking client’s enterprise AI-Ready Cyber Resilience program. The engineer will provide hands-on keyboard execution capacity to refactor, rebuild, and migrate Python-based scripts, playbooks, automations, and enrichment logic at scale.

This is a pure execution-focused content engineering role—not strategy or design-heavy—requiring deep familiarity with the Cortex ecosystem and the ability to move quickly within a structured migration effort.

Top 3 Priorities in First 90 Days

Execute high-volume content migration
- Refactor and migrate XSOAR content (scripts, playbooks, lists, automations) into XSIAM.
- Ensure functional parity and optimal performance in XSIAM.
Collaborate with internal execution team
- Work alongside a team of 6 FTEs to coordinate migration sequencing and dependencies.
- Align on standards, reuse patterns, and migration best practices.
Ensure code quality and deployability
- Maintain Python script integrity during refactoring.
- Test and validate automation workflows post-migration.

Required Skills (Must-Haves)

4–9+ years – Mid-to-senior level engineer. Must be able to contribute immediately with minimal ramp
Direct hands-on experience with Cortex XSOAR AND/OR Cortex XSIAM
Proven experience building and deploying:
- playbooks
- automations
- enrichment scripts
- orchestration workflows
Strong Python development inside XSOAR/XSIAM
Experience in banking or regulated environments
Experience modifying/refactoring existing security automation content
Experience working in execution-heavy engineering roles (high volume delivery)
Ability to work in a team-based migration effort with defined deliverables

Nice-to-Have Skills

Experience migrating or upgrading SIEM/SOAR platforms
Familiarity with content conversion between platforms
Experience with detection engineering or SOC automation teams
Understanding of data structures within XSIAM vs XSOAR
Exposure to CI/CD or version-controlled content deployment

Ideal Background

Palo Alto Cortex XSOAR/XSIAM engineers
Detection / SOAR automation engineers
Security automation engineers in large enterprises
Consultants who have supported Cortex implementations or migrations
Engineers from managed security service providers (MSSPs)