Your new company

Your new role

• Designing, developing, and implementing automation scripts and workflows using SOAR platforms, Palo Alto Cortex XSOAR, and custom scripting (Python, Bash, PowerShell).
• Building automated playbooks for incident detection, triage, and response to reduce manual effort and improve response times.
• Integrating various security tools (SIEM, endpoint detection, firewalls) into automated workflows for seamless data exchange and correlation.
• Creating automated incident response playbooks, enhancing threat intelligence ingestion, and automating repetitive tasks using Palo Alto Cortex XSOAR.
• Developing and maintaining automation solutions for security operations across Windows and Linux environments, ensuring compliance, system hardening, patch management, and real-time monitoring.
• Working closely with SOC analysts to identify challenges and opportunities for automation, refining processes to align with SOC needs.
• Managing, configuring, and optimising security tools and platforms, including SIEM systems, Palo Alto Cortex XSOAR, EDR, and firewalls.
• Developing automated reporting systems for continuous visibility into SOC operations, incident trends, and workflow performance.
• Staying updated with the latest security automation technologies, trends, and best practices to enhance SOC automation processes.

What you'll need to succeed

• At least 3–5 years of experience in a SOC or related security operations role.
• Strong experience with Windows and Linux server administration, including scripting, configuration management, and troubleshooting.
• In-depth knowledge of Palo Alto Cortex XSOAR, including playbook creation, integration, and automation.
• Familiarity with common SIEM platforms (e.g., MS Sentinel, Splunk), and security tools (e.g., firewalls, EDR, IDS/IPS).
• Strong understanding of network security, endpoint protection, and incident management. • • Scripting and automation languages (Python, PowerShell, Bash, etc.).
• Experience with REST APIs and web services for system integration.
• Experience with security incident management, threat intelligence integration, and SOC processes.
• Strong problem-solving and troubleshooting skills.
• Ability to work independently and as part of a team.
• Excellent communication skills, both written and verbal.
• Strong attention to detail and a proactive approach to identifying and mitigating risks.

What you'll get in return

• Stable job based on Contract of Employment
• Hybrid work in Kraków
• Chance to work in newly developed Cybersecurity structures in an international working environment.

What you need to do now

If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.

Hays Poland sp. z o.o. is an employment agency registered in a registry kept by Marshal of the Mazowieckie Voivodeship under the number 361.