Job Title:  T&T | Cyber: D&R | XSOAR | Assistant Manager I Mumbai

The team  

Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Learn more about Cybersecurity  

Your work profile

• Develop and optimize automation playbooks within SOAR platforms (preferably Palo Alto XSOAR/XSIAM).
• Design and implement custom integrations with third-party tools using Python.
• Maintain and enhance SOAR platform infrastructure, including setup, configuration, upgrades, data purging etc.
• Troubleshoot playbook or integration issues and ensure high availability of SOAR services. 

Key skills required  

• 4-7 years of experience into Develop and optimize automation playbooks within SOAR platforms (preferably Palo Alto XSOAR/XSIAM).
• We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society.  
• In addition to living our purpose, Senior Executive across our organization must strive to be: 
• Utilize XSOAR platforms to automate security processes and response activities. 
• Develop, maintain, and enhance automated playbooks in SOAR platforms to streamline and improve incident response workflows. 
• Collaborate with security analysts and incident responders to design playbooks that automate and orchestrate the detection, triage, investigation, and remediation of security incidents. 
• Integrate playbooks with a variety of security tools such as SIEMs, firewalls, threat intelligence platforms, endpoint protection tools, and ticketing systems to improve the efficiency of the security operations center.
• Strong proficiency in Python for scripting and automation. Test playbooks to ensure they are working as expected, troubleshoot issues, and optimize them for performance and scalability. 
• Document playbook logic, workflows, and integrations to ensure that they are understandable and maintainable by other team members. 
• Work closely with security engineers, analysts, and IT teams to align playbook development with security operations needs and organizational goals. 
• Provide technical expertise in the configuration and optimization of SOAR tools. 
• Assist in the evaluation and selection of SOAR technologies based on organizational needs. 
• Document and maintain standard operating procedures for SOAR processes and playbooks. 
• Proven experience with SOAR tools (XSOAR/XSIAM experience highly preferred)
• Familiarity with XSOAR/XSIAM platform administration, including health monitoring, backup/restore, and performance tuning.
• Bachelor’s degree in Cybersecurity, Information Technology, or related field.

T