XSOAR Cybersecurity Engineer

We Are Meta

Location:
Portugal, Porto

Contract Type:
Not provided

Salary:
Not provided

Job Description:

Seeking an XSOAR Cybersecurity Engineer. At WE ARE META, we focus on finding the perfect match between our Rhinos and our clients.

Requirements:

  • 3 years of professional experience, with at least 1 year of experience with SOAR
  • Good grasp of incident response, threat detection and security monitoring frameworks
  • Practical experience with Palo Alto Cortex XSOAR, Microsoft Sentinel and FortiSIEM (mandatory)
  • An XSOAR certification is valued
  • Fluency in Portuguese and English (B2 level or above)
  • Availability for a hybrid regime, 2x/week, in Lisbon or Porto offices (requires Portuguese or other EU citizenship, or a valid Portuguese work permit)
What we offer:
  • Welcome kit
  • Opportunities for career progression
  • Health insurance
  • Coverflex meal card
  • Other protocols and special discounts

Additional Information:

Job Posted:
February 08, 2026

Work Type:
Hybrid work

Similar Jobs for XSOAR Cybersecurity Engineer

OT Cybersecurity Senior Analyst

The Senior OT Cybersecurity Analyst will lead the detection and response to cybe...
Location: Romania, Timisoara, Brasov, Bucharest, Sibiu, and Cluj-Napoca
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements:
  • Master’s or bachelor’s degree in related fields, preferably Cybersecurity, Computer Science or Engineering
  • Minimum 5-7 years of experience in IT Cybersecurity and 2 years in OT Cybersecurity
  • Proficient handling of specific tools like SIEM and network devices such as firewalls, IDS/IPS
  • Very good knowledge of OT security solutions with certifications in Nozomi
  • Advantageous skills: Claroty, Cyber Vision, Splunk, XSOAR, Swimlane, ServiceNow
  • Certifications such as SANS GICSP, or SANS GRID are a significant advantage
  • Technical understanding of common OT systems such as ICS, SCADA, PLCs, RTUs, HMI
  • Understanding of cybersecurity domains such as network security, EDR, anomaly detection
  • Understanding of common OT communications protocols
  • Understanding of the MITRE ATT&CK for ICS framework
Job Responsibility:
  • Lead detection, response, mitigation, and reporting of cybersecurity threats within customer OT environment
  • Develop and optimize detections and automations in OT security appliances, SIEM, SOAR
  • Design and improve OT cybersecurity processes, procedures and trainings
  • Act as Incident Responder in OT Cybersecurity area
  • Main technical point of contact for the customer, acting as Subject Matter Expert (SME)
  • Propose recommendations for enhancing the customer’s OT environment security posture
  • Remain knowledgeable of the latest ICS/SCADA security threats, tactics, vulnerabilities and regulations
What we offer:
  • Smooth integration and a supportive mentor
  • Pick your working style: choose from Remote, Hybrid or Office work opportunities
  • Projects have different working hours to suit your needs
  • Sponsored certifications, trainings and top e-learning platforms
  • Private Health Insurance
  • Individual coaching sessions or accredited Coaching School
  • Epic parties or themed events

Cyber Security Engineer

Join Citi's forward-thinking security organization as a Cyber Security Engineer,...
Location: Hungary, Budapest
Salary: Not provided
Citi
Expiration Date: Until further notice
Requirements:
  • Harden Linux systems following CIS and internal security baselines
  • Manage and configure forward and reverse proxies: Blue Coat, Zscaler ZIA/ZPA, HAProxy, NGINX, Squid, Apache
  • Implement and tune WAF and L7 security controls (F5 ASM, HAProxy, Cloudflare WAF)
  • Administer load balancers such as F5 BIG-IP, Citrix ADC, or HAProxy enterprise variants
  • Design, build and maintain virtualization platforms including VMware ESXi; deploy, manage and secure containerized applications, with practical experience in container orchestration platforms such as OpenShift
  • Build automation with Ansible, Terraform, Python, Bash, and Git, applying IaC standards
  • Integrate, maintain, and monitor SIEM pipelines across the Splunk, Cribl and XSOAR stack
  • Manage log enrichment, parsing, and transport via syslog or derivatives
  • 5+ years in cybersecurity or network security engineering and implementation, with hands-on experience in automation tools (Ansible) and Bash and Python scripting
  • Familiar with working in large-scale enterprise networks and their procedures during the research, design and implementation phases
Job Responsibility:
  • Design and implement robust security solutions that safeguard the organization against evolving cyber risks
  • Design, implement, and maintain firewalls and related security solutions at scale
What we offer:
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
Work Type: Fulltime

Professional Services Staff Consultant

As a Senior Consultant for SOC Transformation & XSIAM / XSOAR Deployment, you wi...
Location: France, Paris
Salary: Not provided
Palo Alto Networks
Expiration Date: Until further notice
Requirements:
  • A proven track record in modernizing and transforming Security Operations Centers (SOCs) to achieve automation, AI-driven detection, and measurable improvements in MTTD/MTTR
  • Exceptional executive presence, with strong verbal and written communication skills to engage with stakeholders from the SOC analyst to the CISO
  • Experience acting as a trusted advisor to senior security leaders
  • Ability to diagnose challenges and deliver strategic recommendations
  • 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments
  • 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows
  • Hands-on technical mastery across SIEM, SOAR, EDR, cloud security, and threat intelligence
  • Ability to conceive, architect, and develop effective correlation and detection rules
  • Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus
  • Strong expertise in Regular Expressions (Regex)
Job Responsibility:
  • Serve as the lead strategic advisor and subject matter expert for customers undertaking a full-scale SOC modernization with XSIAM
  • Lead multi-national SOC transformation programs, consolidating fragmented detection and response processes into a unified, AI-driven platform
  • Direct enterprise-scale XSIAM deployments, guiding customers from initial strategy to full operationalization
  • Devise and oversee comprehensive log ingestion strategies to ensure high-quality data fuels the XSIAM platform
  • Architect and implement sophisticated detection strategies and correlation rules to fortify customer defenses against advanced threats
  • Fine-tune and optimize log sources and correlation rules to maximize system performance and detection efficacy
  • Identify opportunities to enhance analyst alert handling and response through automation
  • Transform ambiguity into structured action plans, driving accountability at every level of a customer engagement
  • Build and mentor high-performing professional services teams that blend consulting, engineering, and change management expertise
  • Partner with Product and R&D teams to incorporate field insights into roadmap priorities

Professional Services Staff Consultant

As a Senior Consultant for SOC Transformation & XSIAM / XSOAR Deployment, you wi...
Location: Spain, Madrid
Salary: Not provided
Palo Alto Networks Italia
Expiration Date: Until further notice
Requirements:
  • A proven track record in modernizing and transforming Security Operations Centers (SOCs) to achieve automation, AI-driven detection, and measurable improvements in MTTD/MTTR
  • Exceptional executive presence, with strong verbal and written communication skills to engage with stakeholders from the SOC analyst to the CISO
  • Experience acting as a trusted advisor to senior security leaders
  • Ability to diagnose challenges and deliver strategic recommendations
  • 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments
  • 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows
  • Hands-on technical mastery across SIEM, SOAR, EDR, cloud security, and threat intelligence
  • Ability to conceive, architect, and develop effective correlation and detection rules
  • Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus
  • Strong expertise in Regular Expressions (Regex)
Job Responsibility:
  • Serve as the lead strategic advisor and subject matter expert for customers undertaking a full-scale SOC modernization with XSIAM
  • Lead multi-national SOC transformation programs, consolidating fragmented detection and response processes into a unified, AI-driven platform
  • Direct enterprise-scale XSIAM deployments, guiding customers from initial strategy to full operationalization
  • Devise and oversee comprehensive log ingestion strategies to ensure high-quality data fuels the XSIAM platform
  • Architect and implement sophisticated detection strategies and correlation rules to fortify customer defenses against advanced threats
  • Fine-tune and optimize log sources and correlation rules to maximize system performance and detection efficacy
  • Identify opportunities to enhance analyst alert handling and response through automation
  • Transform ambiguity into structured action plans, driving accountability at every level of a customer engagement
  • Build and mentor high-performing professional services teams that blend consulting, engineering, and change management expertise
  • Partner with Product and R&D teams to incorporate field insights into roadmap priorities
Work Type: Fulltime

Senior Detection and Response Engineer

The Senior Detection and Response Engineer is a critical technical role responsi...
Location: United States
Salary: 128,000 - 161,000 USD / year
AlphaSense
Expiration Date: Until further notice
Requirements:
  • 7+ years in security operations with 3+ years in detection engineering, including deep expertise in creating high-fidelity rules (SIGMA, YARA-L, KQL, SPL)
  • Proven track record of building detection strategies across SIEM, EDR, and Cloud platforms, grounded in the MITRE ATT&CK framework
  • Expert knowledge of SOAR platforms (e.g., Tines, Splunk SOAR, Cortex XSOAR), architecture, and complex playbook development
  • Proven experience designing and implementing SOAR platform architecture from concept to production
  • Advanced scripting and automation development skills in Python (required) for API integrations and security tool orchestration
  • Strong background in threat hunting methodology, hypothesis development, and campaign execution, with experience leading or co-leading hunting programs
  • Proficiency with data analysis, anomaly detection, and hands-on experience with hunting tools like Jupyter Notebooks, Osquery, and Velociraptor
  • Deep understanding of attack techniques, lateral movement, persistence mechanisms, and post-exploitation TTPs across Windows, Linux, and macOS
  • Familiarity with security frameworks including MITRE ATT&CK, PICERL, NIST CSF, and Detection Maturity Models, and incident response best practices
  • Proven ability to lead technical initiatives, mentor team members, and communicate complex technical concepts to diverse audiences
Job Responsibility:
  • Design, implement, and maintain advanced detection rules and correlation logic across SIEM, EDR, and Cloud platforms (AWS, GCP)
  • Lead detection strategy and architecture aligned with the Detection Quality frameworks
  • Write high-fidelity detection rules using languages like SIGMA and YARA-L
  • Conduct deep log source analysis, perform threat modeling, adversary emulation, and maintain MITRE ATT&CK mapping coverage
  • Conduct detection gap analysis to identify coverage opportunities across the kill chain
  • Create and maintain detection playbooks, runbooks, and comprehensive documentation
  • Perform detection quality assessments and continuous improvement initiatives
  • Develop complex automated response playbooks for multi-stage incidents spanning multiple security tools
  • Integrate security tools via APIs (SIEM, EDR, MDM, CASB, ITSM, threat intelligence platforms)
  • Create automated enrichment pipelines incorporating threat intelligence, asset context, and user behavior analytics
What we offer:
  • Performance-based bonus
  • Equity
  • A generous benefits program
Work Type: Fulltime

Principal Cybersecurity Incident Analyst

The Principal Analyst Cybersecurity Incident is a key role responsible for manag...
Location: Australia, Melbourne
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements:
  • Bachelor's degree in Information Technology or Computer Science preferred
  • Relevant certifications such as SANS GIAC Security Essentials (GSEC)
  • At least 5 years of experience in the technology information security industry
  • Hands-on experience administering and managing SIEM platforms such as Palo Alto XSIAM, Splunk and Microsoft Sentinel
  • Hands-on experience analysing logs and events from SIEM solutions, Wireshark and other infrastructure
  • Deep knowledge of cybersecurity concepts, technologies, and best practices
  • Experience working in a Security Operations Centre and in network security operations
  • Hands-on experience administering and managing vulnerability management solutions such as Qualys and Tenable
  • Hands-on experience administering and managing SOAR platforms such as Palo Alto Cortex XSOAR
  • Expertise in writing and interpreting queries in SPL, KQL and XQL
Job Responsibility:
  • Act as a SIEM consultant, providing expertise and guidance to organizations in setting up, managing, and improving their SOC capabilities
  • Review dashboards and reports from the previous day or shift, checking for new threats and identifying malware
  • Prepare for and respond to system breaches or attacks
  • Respond to intrusions and network weaknesses and work to prevent new ones
  • Participate in a shift roster which may include business-hours and after-hours shifts
  • Assessing SIEM maturity: evaluating the existing SIEM setup and capabilities of an organization
  • Developing or refining the SIEM infrastructure, the architecture, tools, processes, and workflows of a SOC
  • Implementing security technologies when necessary: assessing, selecting, and implementing security technologies such as SIEM, SOAR systems, intrusion detection systems, threat intelligence platforms, and incident response tools
  • Support the Security Management Lifecycle including: monitoring, investigation, research, correlation, trend analysis, remediation and SIEM configuration
  • Developing security policies and procedures: assisting in developing, documenting and maintaining SOC standard operating procedures (SOPs), incident response plans, playbooks, and other security policies
Work Type: Fulltime

SOC Solutions Engineer - QRadar and Splunk

Join a leading Managed Service Provider as a SOC Solutions Engineer specializing...
Location: United Kingdom, Birmingham; London; Glasgow
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements:
  • Must be able to obtain SC Clearance or already hold SC clearance
  • Hands-on experience of IBM QRadar
  • Strong knowledge of log formats, parsing, and normalization
  • Experience with KQL, SPL, AQL, or other SIEM query languages
  • Familiarity with scripting (Python, PowerShell) for automation and enrichment
  • Deep understanding of threat detection, incident response, and cyber kill chain
  • Familiarity with MITRE ATT&CK, NIST, and CIS frameworks
  • Strong verbal and written English communication
  • Strong interpersonal and presentation skills
  • Strong analytical skills
Job Responsibility:
  • Deploy, configure, and maintain SIEM platforms (Splunk, QRadar, Sentinel, Defender, Chronicle)
  • Onboard and normalize log sources across cloud and on-prem environments
  • Develop and optimize analytical rules for threat detection, anomaly detection, and behavioural analysis
  • Design and implement incident response playbooks for various threat scenarios (e.g., phishing, lateral movement, data exfiltration)
  • Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to automate triage and response
  • Continuously refine playbooks based on threat intelligence and incident feedback
  • Monitor and analyse security alerts and events to identify potential threats
  • Perform in-depth investigations and coordinate incident response activities
  • Collaborate with threat intelligence teams to enrich detection logic
  • Conduct threat modelling exercises using frameworks like MITRE ATT&CK, STRIDE, or Kill Chain
What we offer:
  • Range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Continuous growth and development opportunities
  • Flexible work options
  • Inclusive work environment
  • Range of Inclusion Networks such as: the Women’s Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network
Work Type: Fulltime

Security Engineer

As a SOC Engineer at NTT DATA, you will play a crucial role in defending clients...
Location: United Kingdom, Birmingham
Salary: Not provided
NTT DATA
Expiration Date: Until further notice
Requirements:
  • Proven hands-on experience with SIEM platforms such as Splunk, QRadar, Sentinel, Microsoft Defender, or Chronicle
  • Expertise with SIEM query languages (e.g., KQL, SPL, AQL) and strong knowledge of log normalization and parsing
  • Proficiency in scripting (e.g., Python, PowerShell) to automate tasks and build SOC efficiencies
  • Deep familiarity with cyber threat detection techniques related to frameworks like MITRE ATT&CK and vulnerability management
  • Experience managing ITIL processes, including Incident, Problem, and Change Management
  • CISSP, GIAC, SC-200, Splunk Power User/Admin, QRadar Specialist, or Chronicle Security Engineer certifications preferred
  • Candidates must be eligible to obtain UK SC clearance
  • Strong analytical and communication skills to present complex information to technical and non-technical stakeholders
  • Experienced in collaborative team dynamics and independent problem-solving
  • Proven ability to transfer knowledge and mentor junior SOC team members effectively
Job Responsibility:
  • Deploy, configure, and maintain SIEM platforms such as Splunk, QRadar, Sentinel, and Chronicle to enable robust threat detection
  • Normalize and onboard diverse log sources from cloud and on-premises environments for seamless monitoring
  • Develop and continually refine SIEM rules and queries for use cases involving advanced threat behaviors and anomaly detection
  • Design and implement incident response playbooks for threats such as phishing, lateral movement, malware infections, and more
  • Integrate response automation into SOAR platforms (e.g., XSOAR, Azure Logic Apps), reducing response times and manual overhead
  • Use feedback from simulated incidents and threat intelligence to refine existing playbooks and workflows
  • Monitor security alerts for potential threats, investigate incidents, and coordinate cross-team response activities
  • Collaborate with threat intelligence teams to enhance detection logic and fine-tune resolution processes
  • Perform root-cause analysis (RCA) of recurring incidents and help define corrective actions to reduce future risks
  • Perform threat modeling using industry frameworks such as MITRE ATT&CK, STRIDE, or the Cyber Kill Chain
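The phishing playbook that both NTT DATA listings on this page describe (design an incident response playbook for phishing, then integrate it with a SOAR platform such as XSOAR or Logic Apps so triage and response run automatically) boils down to three stages: extract indicators from the reported message, enrich and score them, and pick the response actions. The following is an added, stand-alone illustration of those three stages written for this page; it is not NTT DATA's code and does not use the XSOAR or Logic Apps APIs. The threat-intel list, trusted sender domains, scoring weights, verdict thresholds and both sample messages are constructed for the example.

```python
"""
Stand-alone sketch of one SOAR playbook step for a user-reported phishing
e-mail: parse the message, extract indicators, enrich them against a
threat-intel list, score the result and decide the response actions.
Illustration only; not XSOAR's or Logic Apps' API. All data is constructed.
"""
import email
import re
from dataclasses import dataclass, field
from email import policy
from email.utils import parseaddr

# Constructed threat-intel and allow-list data (hypothetical, not real feeds).
TI_BAD_DOMAINS = {"secure-login-update.example", "invoice-portal.example"}
TRUSTED_SENDER_DOMAINS = {"corp.example"}
RISKY_ATTACHMENT_EXT = (".html", ".htm", ".iso", ".lnk", ".js", ".vbs", ".exe", ".scr")
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


@dataclass
class TriageResult:
    verdict: str  # "malicious", "suspicious" or "benign"
    score: int
    reasons: list = field(default_factory=list)
    indicators: dict = field(default_factory=dict)
    actions: list = field(default_factory=list)


def url_domain(url: str) -> str:
    """Host part of a URL, lower-cased, without scheme, port or path."""
    host = re.sub(r"^https?://", "", url, flags=re.I).split("/")[0]
    return host.split(":")[0].lower()


def extract_indicators(raw: bytes) -> dict:
    """Sender, authentication results, URLs and attachment names from a raw RFC 5322 message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    display_name, address = parseaddr(str(msg.get("From", "")))
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body is not None else ""
    urls = sorted(set(URL_RE.findall(text)))
    return {
        "display_name": display_name,
        "sender_domain": address.rsplit("@", 1)[-1].lower() if "@" in address else "",
        "auth_results": str(msg.get("Authentication-Results", "")).lower(),
        "urls": urls,
        "url_domains": sorted({url_domain(u) for u in urls}),
        "attachments": [p.get_filename() for p in msg.iter_attachments() if p.get_filename()],
    }


def score_indicators(ind: dict) -> tuple[int, list]:
    """Additive risk score; one rule per block so weights can be tuned from incident feedback."""
    score, reasons = 0, []
    # Display name borrows a trusted domain while the actual address is external.
    spoofed = any(d in ind["display_name"].lower() for d in TRUSTED_SENDER_DOMAINS)
    if spoofed and ind["sender_domain"] not in TRUSTED_SENDER_DOMAINS:
        score += 30
        reasons.append("display name spoofs trusted domain")
    if "spf=fail" in ind["auth_results"] or "dmarc=fail" in ind["auth_results"]:
        score += 25
        reasons.append("SPF/DMARC failure")
    ti_hits = set(ind["url_domains"]) & TI_BAD_DOMAINS
    if ti_hits:
        score += 40
        reasons.append("URL domain on threat-intel list: " + ", ".join(sorted(ti_hits)))
    risky = [a for a in ind["attachments"] if a.lower().endswith(RISKY_ATTACHMENT_EXT)]
    if risky:
        score += 20
        reasons.append("risky attachment type: " + ", ".join(risky))
    return score, reasons


def triage_phishing_report(raw: bytes) -> TriageResult:
    """Indicators -> score -> verdict -> the actions a SOAR would execute next."""
    ind = extract_indicators(raw)
    score, reasons = score_indicators(ind)
    verdict = "malicious" if score >= 60 else "suspicious" if score >= 25 else "benign"
    if verdict == "malicious":
        actions = ["quarantine_message_all_mailboxes",
                   "block_sender_domain:" + ind["sender_domain"]]
        actions += ["block_url:" + u for u in ind["urls"]]
        actions.append("notify_reporter:malicious")
    elif verdict == "suspicious":
        actions = ["assign_to_analyst", "notify_reporter:under_review"]
    else:
        actions = ["close_incident", "notify_reporter:benign"]
    return TriageResult(verdict, score, reasons, ind, actions)


# Constructed sample messages (not real mail; .example domains are reserved).
PHISH_SAMPLE = b"""From: "IT Helpdesk corp.example" <helpdesk@mail-notify.example>
Authentication-Results: mx.corp.example; spf=fail smtp.mailfrom=mail-notify.example; dmarc=fail
Content-Type: text/plain; charset="utf-8"

Your password expires in 2 hours. Reset it here:
https://secure-login-update.example/reset?u=alice
"""

BENIGN_SAMPLE = b"""From: "HR Team" <hr@corp.example>
Authentication-Results: mx.corp.example; spf=pass; dkim=pass; dmarc=pass
Content-Type: text/plain; charset="utf-8"

The updated policy is on the intranet: https://intranet.corp.example/policies
"""
```

Calling `triage_phishing_report(PHISH_SAMPLE)` yields a malicious verdict with quarantine, sender-domain block and URL block actions; the benign sample closes with a notification to the reporter. In a real SOAR the three functions map to separate playbook tasks, which is what lets an analyst-approval gate sit in front of the destructive actions and lets the weights be revised from incident feedback, the refinement loop the listing mentions.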
What we offer:
  • We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Our Learning and Development team ensure that there are continuous growth and development opportunities for our people
  • We also offer the opportunity to have flexible work options