StopAHack.com® is a veteran-founded cybersecurity and technology services company seeking a hands-on XSIAM Automation Consultant to support enterprise customers. The role focuses on building automation playbooks, developing custom integrations, and improving SOC efficiency within the Palo Alto Networks Cortex ecosystem.
Responsibilities:
- Design, build, and maintain automation playbooks that improve and accelerate incident response and security operations within Cortex XSIAM
- Analyze manual SOC and incident response workflows, then transform them into scalable, repeatable automation solutions
- Develop and maintain custom integrations using Python to connect XSIAM with third-party security tools and internal platforms
- Leverage REST APIs and JSON data structures to support orchestration across security technologies
- Manage and deploy content packs, dashboards, layouts, and related automation content aligned to customer use cases
- Perform health checks, troubleshooting, and optimization of integrations, automation flows, and platform content
- Act as a subject matter expert on XSIAM and XSOAR automation strategy, design, and operational best practices
- Partner with customer security teams to define automation roadmaps, identify opportunities for efficiency, and improve security maturity
- Deliver knowledge transfer, technical workshops, and enablement sessions for customer security teams
- Document designs, implementation decisions, workflows, and best practices in a clear, customer-friendly manner
Requirements:
- Hands-on experience building automation playbooks and managing integrations within Cortex XSOAR and/or Cortex XSIAM
- Strong Python programming skills for automation, scripting, and integration development
- Deep understanding of SOC workflows, incident response processes, and security operations use cases
- Strong experience working with REST APIs, integrations, and JSON data handling
- Ability to troubleshoot complex issues across automation workflows, integrations, and orchestration logic
- Strong customer-facing communication skills with the ability to explain technical concepts clearly and effectively
- Ability to operate independently and manage technical workstreams with minimal oversight
- Applicants must be authorized to work in the United States without current or future sponsorship
- Experience developing or supporting automation content in enterprise security environments
- Palo Alto Networks certifications such as PCNSE, PCDRA, or other XSOAR/XSIAM-related credentials
- Experience advising customers on automation strategy, roadmap development, and operational maturity
- Strong workshop delivery, documentation, and technical enablement experience