Senior Associate XSOAR ADMIN

Company description Resources is the backbone of Publicis Groupe, the worlds third-largest communications group. Formed in 1998 as a small team to service a few Publicis Groupe firms, Re:Sources has grown to 5,000+ people servicing a global network of prestigious advertising, public relations, media, healthcare and digital marketing agencies. We provide technology solutions and business services including finance, accounting, legal, benefits, procurement, tax, real estate, treasury, and risk management to help Publicis Groupe agencies do what they do best: create and innovate for their clients. In addition to providing essential, everyday services to our agencies, Re:Sources develops and implements platforms, applications and tools to enhance productivity, encourage collaboration and enable professional and personal development. We continually transform to keep pace with our ever-changing communications industry and thrive on a spirit of innovation felt around the globe. With our support, Publicis Groupe agencies continue to create and deliver award-winning campaigns for their clients Overview Job Title: Senior Associate Location :Gurgaon We are seeking a highly skilled and detail-oriented Palo Alto Cortex XSOAR Administrator to join our Security Operations Center (SOC). The ideal candidate will be responsible for designing, developing, and maintaining SOAR playbooks, implementing security automation. This role is critical in reducing manual effort, improving response times, and ensuring standardized, automated handling of security incidents across the organization. Responsibilities Design, develop, and maintain Cortex XSOAR playbooksfor automated incident response, alert enrichment, triage, and remediation. Build and manage automation scripts(Python-based) to support playbooks, data enrichment, and response actions. Integrate Cortex XSOAR with security tools such as SIEM, EDR/XDR, NGFW, CASB, DLP, Email Security, and Threat Intelligence platforms. Develop and manage custom integrationsusing REST APIs and JSON where required. Perform incident orchestration by correlating alerts from multiple security platforms for unified investigation and response. Optimize and continuously improve existing playbooks to reduce false positives, manual intervention, and MTTR. Work closely with SOC analysts, CSIRT, and platform owners to translate operational use cases into automated workflows. Create and maintain standard operating procedures (SOPs)and documentation for playbooks, automations, and response processes. Assist in troubleshooting platform issues, playbook failures, and integration errors. Qualifications Full Time Bachelor’s / Master’s degree Preferred Certifications Palo Alto Networks Cortex XSOAR Engineer / Automation certifications Additional information Strong hands-on experience with Palo Alto Cortex XSOAR (administration and development). Expertise in playbook design, automation rules. Proficiency in Python scriptingfor automation and integration development (mandatory). Working knowledge of REST APIs, JSON, and webhooks. Experience integrating SOAR with SIEM, EDR/XDR, firewalls, email security, cloud security tools, and ticketing systems. Knowledge of MITRE ATT&CK framework, threat intelligence, and security event correlation. Familiarity with cloud and hybrid environments (AWS, Azure, GCP).