Infra Ops & Support Specialist, Cybersecurity Platform Operations (Contract)

Location: MAS: MAS Building

Time Type: Full time

Job Description

[What the role is]

We are seeking a skilled Palo Alto Cortex Operations Engineer to join our cybersecurity team and take ownership of Day 2 Operations for our Palo Alto Cortex platform, including XSIAM and XDR solutions. This role is critical in maintaining the security posture of our organisation through proactive monitoring, incident response, and continuous improvement of our security operations capabilities.

The successful candidate will work in a dynamic environment, collaborating with cross-functional teams to ensure optimal security coverage and operational excellence.

[What you will be working on]

• Platform Management: Oversee day-to-day operations of Palo Alto Cortex XSIAM and XDR platforms, ensuring optimal performance, security posture, and system availability across MAS infrastructure

• Security Operations: Conduct comprehensive log analysis, monitor security alerts in real-time, and lead incident response activities from detection through resolution and post-incident review

• Threat Analysis & Assessment: Perform security assessments, vulnerability analysis, and threat hunting activities to proactively identify and mitigate potential security risks

• Automation & Optimisation: Design, develop, and implement automation scripts using Python, PowerShell, or Bash to streamline security operations and reduce manual intervention

• Systems Integration: Collaborate with infrastructure and security teams to integrate Cortex platforms with existing SIEM tools, threat intelligence platforms, and other security technologies

• Stakeholder Engagement: Provide technical expertise, training, and guidance to internal teams on Cortex platform capabilities, security best practices, and operational procedures

[What we are looking for]

Technical Expertise

• Minimum 3-5 years hands-on experience managing Palo Alto Networks Cortex XDR, XSIAM, or comparable EDR/XDR platforms in enterprise environments

• Proficiency in scripting languages (Python, PowerShell, Bash) for security automation and operational tasks

• Experience with SIEM platforms, log management systems, and security analytics tools

• Knowledge of SOAR platforms and security orchestration workflows

Security Knowledge

• Strong understanding of cybersecurity principles, threat detection methodologies, and incident response frameworks

• Familiarity with security frameworks including MITRE ATT&CK, NIST Cybersecurity Framework, and ISO 27001

• Knowledge of network security, endpoint protection, and cloud security architectures

• Understanding of compliance requirements and audit processes in regulated financial environments

Professional Skills

• Excellent analytical and problem-solving abilities with strong attention to detail

• Proven communication skills with ability to explain complex technical concepts to diverse stakeholders

• Demonstrated track record of successful project delivery and operational improvements

• Experience working in regulated industries with strict security and compliance requirements

Personal Attributes

• Ability to balance technical work with team coordination

• Strong communication skills for engaging with stakeholders at all levels

• Detail-oriented with excellent documentation skills

• Self-motivated with the ability to work independently

• Proactive approach to problem-solving and continuous improvement

• Must be a good learner with the ability to pick up new skills quickly

• Willing to take up challenges in uncharted areas and adapt to emerging technologies

Required Qualifications

Certifications

• Palo Alto Networks Certified XSIAM Engineer (PCDRA)

• Palo Alto Networks Certified XDR Engineer (PCEET)

• Security Operations Professional certification (e.g., GCIH, GCFA, GNFA) or equivalent industry certification

Preferred Qualifications

• Background in DevSecOps practices and security integration within development workflows

• Experience with threat intelligence platforms and threat hunting methodologies

As part of the shortlisting process for this role, you may be required to complete a medical declaration and/or undergo further assessment.

This is a 3-year contract position. All applicants will be notified on whether they are shortlisted or not within 4 weeks of the closing date of this job posting.