IT Security Analyst I

Overview :

TekWissen is a global workforce management provider headquartered in Ann Arbor, Michigan that offers strategic talent solutions to our clients world-wide. Our client is a health insurance company. It offers different types of health care coverage plans that include individual and family, dental and vision, plans for employers, etc.

Title: IT Security Analyst I

Work Location: Detroit, MI, 48226

Duration: 9 Months

Job Type: Temporary Assignment

Work Type: Remote

Dept: EIS Purchased Services

Engagement Description:

• We are seeking a highly skilled and experienced Cortex XSOAR Professional to join our cybersecurity team.
• The ideal candidate will be a subject matter expert in the Palo Alto Networks Cortex XSOAR platform, responsible for designing, developing, and deploying security orchestration, automation, and response (SOAR) solutions.
• This role requires a strong background in scripting, API integration, and a deep understanding of security operations center (SOC) workflows.
• The successful candidate will play a key role in enhancing our security posture by automating incident response, improving efficiency, and integrating various security tools to create a cohesive and automated security ecosystem.
• This is a critical position for someone who is passionate about cybersecurity and leveraging automation to solve complex security challenges.

Top 3 Required Skills/Experience:

• Cortex XSOAR Expertise: Extensive experience in designing, developing, and deploying Cortex XSOAR playbooks. A deep understanding of XSOAR context data structures, incident layouts, and war rooms is essential. The ability to debug, optimize, and maintain playbooks for performance and reliability is a core requirement.
• Scripting and Integration Proficiency: Proven proficiency in Python is mandatory. This role requires experience working with REST and other APIs to integrate XSOAR with a wide range of security tools and platforms. The ability to troubleshoot complex API/integration issues and build custom integrations when off-the-shelf solutions are not available is critical.
• Automation of SOC Workflows: Hands-on experience in automating and orchestrating SOC workflows. This includes a strong command of incident triage, enrichment, and remediation use cases, such as phishing response, endpoint isolation, threat intelligence, and vulnerability management. The candidate must be skilled in identifying security or workflow gaps and designing modular, scalable automation solutions to address them.

Preferred Skills/Experience Optional but preferred skills/experience. Include:

• Experience in integrating SOAR platforms with Splunk and other security tools to enhance incident response capabilities.
• Experience connecting XSOAR with a variety of security tools, including Splunk, CrowdStrike, and email security solutions (Proofpoint).
• Knowledge of other scripting languages beyond Python.
• Strong understanding of general cybersecurity principles and SOC operations.
• Experience building custom dashboards and reports within the XSOAR platform.
• Excellent soft skills, including strong communication, the ability to translate stakeholder requirements into technical solutions, and robust documentation skills.

Education/Certifications Include:

Preferred but not required:

• Bachelor's degree in Cyber Security, Computer Science, or related field

TekWissen Group is an equal opportunity employer supporting workforce diversity.