Principal Palo Alto Cortex XSIAM Specialist
NTT Corporation
- Johannesburg, Gauteng
- Permanent
- Full-time
- Implement Cortex XSIAM: Deploy and configure the Cortex XSIAM platform to serve as the central hub of SOC activity, replacing traditional SIEM solutions.
- Manage Security Operations: Utilize XSIAM’s capabilities such as data centralization, intelligent stitching, and analytics-based detection to drive security operations.
- Automation and Analytics: Embed automation and analytics into SecOps processes to reduce SOC costs and make those processes self-sustaining.
- Incident Management: Oversee incident management, ensuring that routine incidents are recognized, handled, and closed efficiently.
- Serve as SME and escalation point for operational teams.
- A bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Advanced degrees or certifications such as CISSP, CISM, or CompTIA Security+ would be a plus.
- Candidates must hold a Palo Alto Networks Certified Security Automation Engineer (PCSAE) certification.
- Experience: At least 10 years of experience in cybersecurity, with a focus on threat detection, incident response, and security operations. Experience in managing Palo Alto Cortex XDR and XSIAM or other SIEM tools is a must.
- Palo Alto Cortex XDR and XSIAM Expertise: Deep understanding of Palo Alto Cortex XDR and XSIAM capabilities, including data source integrations, correlation and analytics rules, dashboards, XQL hunting queries, and playbooks. Experience in deploying, configuring, and managing Palo Alto Cortex XDR and XSIAM in a large enterprise environment.
- Cybersecurity Knowledge: Strong knowledge of cybersecurity principles, IT governance, and regulatory and legal requirements related to cybersecurity.
- Technical Skills: Proficiency in scripting languages such as PowerShell or Python, and in query languages such as XQL (Cortex Query Language) or KQL. Familiarity with cloud platforms, particularly Microsoft Azure, is essential.
- Excellent problem-solving skills
- Ability to work under pressure
- Strong communication skills to effectively collaborate with other teams and explain complex security concepts to non-technical stakeholders.