T&T- Cyber-D&R-SOC 2.0-SOC Ops -AM-Hyderabad

Job Description:

• Utilize SOAR platforms to automate security processes and response activities.
• Develop, maintain, and enhance automated playbooks in SOAR platforms to streamline and improve incident response workflows.
• Collaborate with security analysts and incident responders to design playbooks that automate and orchestrate the detection, triage, investigation, and remediation of security incidents.
• Integrate playbooks with a variety of security tools such as SIEMs, firewalls, threat intelligence platforms, endpoint protection tools, and ticketing systems to improve the efficiency of the security operations center
• Test playbooks to ensure they are working as expected, troubleshoot issues, and optimize them for performance and scalability.
• Document playbook logic, workflows, and integrations to ensure that they are understandable and maintainable by other team members.
• Work closely with security engineers, analysts, and IT teams to align playbook development with security operations needs and organizational goals.
• Provide technical expertise in the configuration and optimization of SOAR tools.
• Assist in the evaluation and selection of SOAR technologies based on organizational needs.
• Document and maintain standard operating procedures for SOAR processes and playbooks.
• Experience with Cortex XSOAR (preferred) or other security orchestration platforms.

Technical Skills:

Proficiency with SOAR platforms (Cortex XSOAR, Splunk Phantom, IBM Resilient, or similar).

Strong understanding of security technologies (e.g., SIEM, EDR, firewalls, vulnerability management).

Knowledge of scripting and automation (Python, JavaScript, PowerShell, etc.) for building playbooks and integrations.