XSOAR Security Engineer

Location: Brussels
Specialisation: Information Technology
Salary: Negotiable
Reference: BBBH15818_1741081129
Contact: Dhruv Padheriya
Job Title: Security Orchestration, Automation and Response (SOAR) Engineer
Client: A Leading Financial Sector Company
Location: Belgium, France, Netherlands (UK candidates accepted only via an accredited umbrella company)
On-site Requirement: 4 days per month in Belgium

About the Division

The Cyber Defense Center (CDC) is part of the Chief Information Security Officer (CISO) Office. The primary responsibility of the CDC team is to minimize cyber threat risks by monitoring and mitigating malicious activities targeted at the company's services, assets, and personnel. The CDC also provides cybersecurity expertise across all divisions of the company and interacts with external stakeholders, including customers, oversight bodies, threat intelligence providers, and third parties.

The Detection & Response Engineering team within the CDC consists of:

Detection/System Network Engineers - responsible for implementing and maintaining threat detections.

SOAR Developers - responsible for developing automated response solutions such as playbooks, scripts, and integrations.

Role Overview

As a SOAR Engineer, you will be responsible for developing and maintaining the code and capabilities of the Security Orchestration, Automation, and Response (SOAR) platform (Cortex XSOAR). Reporting to the Manager of Detection & Response Engineering, you will collaborate closely with detection engineers and incident response teams to prioritize tasks, evaluate technical trade-offs, and enhance automation capabilities within the SOAR platform.

Key Responsibilities

Develop, maintain, and deploy new Security Orchestration and Automation content, including:

Custom SOAR Playbooks

Automations/Scripts and Jobs

Dashboards, reports, and widgets

RESTful API integrations

Optimize incident response efforts by leveraging XSOAR for Security Orchestration, Automation, and Response.

Automate manual Security Operations Center (SOC) procedures and maintain efficient playbooks.

Document SOAR workflows and scripts, and maintain version control in an established code repository.

Utilize Python and other scripting languages for custom automation development.

Ensure seamless integration of new playbooks with the existing automation framework.

Prioritize and coordinate the backlog of SOAR integration and automation requests, balancing defect resolution with new feature development.

Work closely with the Incident Response Team to identify and implement process improvements.

Qualifications & Skills

Technical Skills:

3+ years of experience in a similar cybersecurity or automation role.

Advanced knowledge of the Palo Alto Cortex XSOAR platform.

Ability to create comprehensive documentation for Cortex XSOAR playbooks.

Proficiency in Python, JavaScript, and PowerShell (PowerShell is a plus).

Strong understanding of REST/SOAP/WSDL/XML (Web services).

Knowledge of cybersecurity incident response procedures (SOC analyst or Incident Responder experience is a plus).

Strong understanding of cybersecurity technologies, protocols, and applications.

Soft Skills:

Strong analytical and problem-solving skills, especially under pressure.

Excellent time management, organizational, and documentation skills.

Ability to communicate complex technical concepts clearly and effectively.

Passionate about working in a rapidly growing cybersecurity environment.

Fast learner with the ambition to self-improve and innovate.

Additional Information

Candidates must be based in Belgium, France, or the Netherlands.

UK-based candidates will only be considered if they apply via an accredited umbrella company.

On-site presence in Belgium for 4 days per month is mandatory.

Only 3 CVs per submission are allowed - failure to comply with this request may result in rejection.

Do not contact the Hiring Manager directly - non-compliance may result in disqualification of candidates.

This is an exciting opportunity to join a leading financial sector company and contribute to its cybersecurity automation and response initiatives. If you have the right skills and experience, we look forward to your application!