[What the role is]
We are seeking a skilled Palo Alto Cortex Operations Engineer to join our cybersecurity team and take ownership of Day 2 Operations for our Palo Alto Cortex platform, including XSIAM and XDR solutions. This role is critical in maintaining the security posture of our organisation through proactive monitoring, incident response, and continuous improvement of our security operations capabilities.
[What you will be working on]
Platform Management: Oversee day-to-day operations of Palo Alto Cortex XSIAM and XDR platforms, ensuring optimal performance, security posture, and system availability across MAS infrastructure
Security Operations: Conduct comprehensive log analysis, monitor security alerts in real-time, and lead incident response activities from detection through resolution and post-incident review
Threat Analysis & Assessment: Perform security assessments, vulnerability analysis, and threat hunting activities to proactively identify and mitigate potential security risks
Automation & Optimisation: Design, develop, and implement automation scripts using Python, PowerShell, or Bash to streamline security operations and reduce manual intervention
Systems Integration: Collaborate with infrastructure and security teams to integrate Cortex platforms with existing SIEM tools, threat intelligence platforms, and other security technologies
Stakeholder Engagement: Provide technical expertise, training, and guidance to internal teams on Cortex platform capabilities, security best practices, and operational procedures
[What we are looking for]
Technical Expertise
Minimum 3-5 years hands-on experience managing Palo Alto Networks Cortex XDR, XSIAM, or comparable EDR/XDR platforms in enterprise environments
Proficiency in scripting languages (Python, PowerShell, Bash) for security automation and operational tasks
Experience with SIEM platforms, log management systems, and security analytics tools
Knowledge of SOAR platforms and security orchestration workflows
Security Knowledge
Strong understanding of cybersecurity principles, threat detection methodologies, and incident response frameworks
Familiarity with security frameworks including MITRE ATT&CK, NIST Cybersecurity Framework, and ISO 27001
Knowledge of network security, endpoint protection, and cloud security architectures
Understanding of compliance requirements and audit processes in regulated financial environments
Professional Skills
Excellent analytical and problem-solving abilities with strong attention to detail
Proven communication skills with ability to explain complex technical concepts to diverse stakeholders
Demonstrated track record of successful project delivery and operational improvements
Experience working in regulated industries with strict security and compliance requirements
Personal Attributes
Ability to balance technical work with team coordination
Strong communication skills for engaging with stakeholders at all levels
Detail-oriented with excellent documentation skills
Self-motivated with the ability to work independently
Proactive approach to problem-solving and continuous improvement
Must be a good learner with the ability to pick up new skills quickly
Willing to take up challenges in uncharted areas and adapt to emerging technologies
Required Qualifications
Certifications
Palo Alto Networks Certified XSIAM Engineer (PCDRA)
Palo Alto Networks Certified XDR Engineer (PCEET)
Security Operations Professional certification (e.g., GCIH, GCFA, GNFA) or equivalent industry certification
Preferred Qualifications
Background in DevSecOps practices and security integration within development workflows
Experience with threat intelligence platforms and threat hunting methodologies
As part of the shortlisting process for this role, you may be required to complete a medical declaration and/or undergo further assessment.
This is a 3-year contract position. All applicants will be notified on whether they are shortlisted or not within 4 weeks of the closing date of this job posting.