Cybersecurity Subject Matter Expert

Who We Are

At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.

The Role

Key Responsibilities:

• Design & Implementation: Lead the design, configuration, and implementation of Cortex XSIAM solutions, ensuring they meet organizational security requirements and integrate with existing infrastructure.
• Expertise in XSIAM: Deep understanding of the XSIAM platform, its features, and capabilities, including log ingestion, correlation rules, detection strategy, and integration with other security tools. Keep up to date with the latest XSIAM features, releases, and security threats, ensuring ongoing expertise
• Log Ingestion and Optimization: Devise and implement log ingestion strategies, ensuring high-quality log sources are ingested. Monitor and optimize log sources for performance

• Detection Strategy: Design and implement effective detection strategies, including the creation and tuning of correlation rules to identify and alert on potential threats

• Correlation Rules: Create and fine-tune correlation rules to enhance security detections. 

• Automation & Orchestration: Develop and maintain automated workflows, playbooks, and integrations to streamline incident response, threat detection, and security operations.
• Platform Optimization: Continuously monitor, tune, and optimize Cortex XSIAM performance, ensuring high availability and scalability.
• Security Operations Collaboration: Collaborate with Security Operations Center (SOC) teams to enhance incident management, response times, and threat intelligence sharing.
• Integration with Security Tools: Integrate Cortex XSIAM with SIEM, EDR, threat intelligence platforms, and other security tools to create a comprehensive security ecosystem.
•  Problem Solving:  Identify, analyze, and resolve technical issues related to XSIAM, providing effective solutions.
• Documentation and Reporting: Create and maintain technical documentation, training materials, and knowledge base articles for XSIAM. Maintain detailed documentation for system configurations, integrations, and workflows. Provide regular status reports to management on platform performance and incident metrics.
• Best Practices: Establish and maintain best practices for Cortex XSIAM configuration, workflow design, and incident response. Understanding of cybersecurity threats, vulnerabilities, and industry best practices.
• Customer Support and Consulting: Serve as a subject matter expert, providing consultative guidance to end-users on optimizing XSIAM usage. 
• Training & Support: Provide training to internal teams and clients on Cortex XSIAM features, workflows, and incident response protocols. Act as a go-to resource for troubleshooting and technical support.
• Innovation & Continuous Improvement: Stay current with the latest developments in Cortex XSIAM and cybersecurity automation, bringing innovative ideas to enhance security operations.
• Incident Management and Investigation: Assist in the design and execution of automated response playbooks for common and emerging threats, ensuring rapid and effective resolution of incidents.

Participate in incident response activities, including investigating security alerts and supporting incident resolution. 

Collaboration: Foster collaboration with internal and external teams to drive product adoption

• Threat Hunting: May be involved in proactive threat hunting activities, identifying potential vulnerabilities and threats. 

What we can offer:

• Competitive salary and benefits: Private Life & Health Insurance, Voluntary Pension Fund contribution and monthly benefit allowance to SZÉP card.
• Internal rewards and recognition programs.
• Ongoing wellbeing initiatives (including mental health support), team outings and seasonal gifts.
• Commuting and relocation support for local, EU or overseas candidates and their *spouses and children (*provided certain conditions are met).
• Annual profit-sharing bonus subject to company performance.
• Personal and professional development both in-person and online (certified trainings, on-the-job coaching & mentoring, career progression support); we also nurture new talent and 'career changers' through our comprehensive education programs and exclusive accreditations.
• Flexible working opportunities (part-time and home office) for a better work-life balance.
• Annual 1-day paid leave for volunteering.
• An open, diverse,  inclusive, and empathetic culture that supports learning and encourages collaboration over competition.
• As the proud owner of the Family Friendly Workplace certification, we provide great benefits for working parents with fair maternity and paternity leave policies such as additional bonding leave for dads and same-sex domestic partners at the birth or adoption of a child, accommodating working parents based on needs, organizing family events and many more.

Who You Are

Who You Are
You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others.

Required Skills and Experience
 

• 5+ years of security analyst experience, preferably in a managed services environment in XSIAM Engineer

• In-depth expertise in Palo Alto Networks Cortex XSIAM (XSOAR) platform.
• Proficient in scripting languages (e.g., Python, JavaScript) for creating automated workflows and integrations.
• Strong understanding of security technologies such as SIEM, SOAR, EDR, XDR and threat intelligence platforms.
• Hands-on experience with Cortex XSIAM integrations (e.g., RESTful APIs, webhooks, etc.).
• Experience with developing and tuning playbooks, tasks, and workflows within the Cortex XSIAM platform.
• Knowledge of security best practices and frameworks such as MITRE ATT&CK, NIST, ISO 27001, etc.

• Certifications (preferred):
  • Cortex XSOAR certification (e.g., Palo Alto Networks Cortex XSOAR Certified Automation Engineer).
  • Security Operations and Incident Response certifications (e.g., GIAC, SOC Analyst).

Soft Skills: -

• A proactive, detail-oriented approach to optimizing workflows and identifying

• Strong problem-solving and analytical abilities to troubleshoot complex security automation issues.
• Excellent communication skills, both verbal and written, with the ability to explain technical concepts to non-technical stakeholders.
• Ability to work independently and collaboratively in a fast-paced, cross-functional environment.

Being You

Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way.

What You Can Expect

With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations.  At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.

Get Referred!

If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.