[Remote] XSIAM Consultant - Automation
Note: The job is a remote job and is open to candidates in the USA.

Entelligence is seeking an XSIAM Automation Consultant to support enterprise clients. The role involves providing guidance and technical expertise in implementing advanced security automation and orchestration solutions while collaborating closely with client security teams to design and optimize automation workflows.

Responsibilities
- Lead security automation technical implementations in customer environments, designing and delivering complex playbook architectures and custom integrations
- Translate business and operational requirements into scalable, automated security workflows
- Analyze manual SOC processes and engineer them into automated, standardized playbooks with proper error handling and modularity
- Develop and maintain custom integrations using Python to connect XSIAM with third-party security tools and internal systems
- Design automation roadmaps with customers; establish success metrics and KPIs for measuring automation impact
- Prepare technical documentation including architecture diagrams, playbook design specifications, runbooks, and operational procedures
- Conduct technical workshops and knowledge transfer sessions to enable customer teams to manage and expand automation capabilities independently
- Manage multiple concurrent client engagements; prioritize effectively and maintain delivery quality across accounts
- Communicate effectively at all organizational levels—from SOC analysts and security engineers to CISOs and executive leadership
- Engage with the account team to ensure alignment on customer business and technical requirements through active client engagement

Skills
- 4+ years of hands-on experience in security operations, SOAR automation, or security engineering
- Proven experience building playbooks and managing integrations within the Cortex XSOAR or XSIAM ecosystem
- Strong Python proficiency for security tool development, custom integrations, and automation scripting
- Deep understanding of incident response cycles, SOC workflows, and security operations processes
- Demonstrated experience in a consulting, professional services, or customer-facing delivery role with ability to manage multiple concurrent engagements with minimal oversight
- Detailed experience in the installation, configuration, operation, and documentation of security solutions
- Experience working in a Security Operations Center (SOC) and documenting operational workflows
- Excellent written and verbal communication skills; confirmed ability to present technical concepts to senior leaders and technical peers
- Some understanding of Linux and network troubleshooting analysis
- XSIAM-specific experience including unified data model, correlation rules, collectors, and parsers
- Experience with additional SOAR platforms (Phantom, Swimlane, Splunk SOAR) demonstrating platform-agnostic automation thinking
- Detection engineering experience with MITRE ATT&CK mapping and use case development
- Prior experience at a Palo Alto Networks partner, VAR, or MSP
- Palo Alto Networks certifications (PCNSE, PCDRA, or XSOAR/XSIAM specialist credentials)
- Extensive experience working with security tool APIs (REST, JSON, OAuth)
- Experience with CI/CD for SOAR content, version control, and automated testing of playbooks
- Previous experience with STIGs, RMF, NIST publications, and/or SCAP
- Security certifications: GCIA, CISSP, CEH, or Security+

Benefits
- Medical, dental, vision, and life insurance
- Health Savings Account (HSA) option
- Flexible Spending Accounts (FSA)
- 401(k) plan
- Vacation, sick time, and paid holidays

Company Overview
Entelligence helps the world’s technology leaders quickly deliver their most advanced cloud solutions to their most important customers. It was founded in 1997, and is headquartered in Houston, Texas, USA, with a workforce of 201-500 employees. Its website is https://entelligence.com/.

Company H1B Sponsorship
Entelligence has a track record of offering H1B sponsorships, with 2 in 2021. Please note that this does not guarantee sponsorship for this specific role.