**Job Summary**

Agility is seeking a Mid-Level Information Security Analyst to operate and administer security platforms, monitor and investigate incidents, and continuously enhance the SIEM/SOAR environment.

**Key Highlights**

1. Operation and administration of Palo Alto XSIAM and Wazuh platforms
2. Continuous monitoring and security incident response
3. Creation and maintenance of detection rules and automations

Agility seeks a Mid-Level Information Security Analyst with an analytical, organized, and execution-oriented profile. This professional will primarily focus on the **operation and administration of Palo Alto XSIAM and Wazuh platforms**, supporting security monitoring, incident investigation and response activities, as well as the continuous evolution of the SIEM/SOAR environment.

**Responsibilities and Duties**

**Main Activities:**

* Administer and operate Palo Alto XSIAM and Wazuh platforms, ensuring availability, proper functionality, and adherence to best practices.
* Perform **continuous monitoring**, triage, and analysis of security alerts.
* Support incident investigations, including evidence collection, preliminary analysis, and escalation when necessary.
* Support configuration and maintenance of **log ingestion integrations and pipelines**, ensuring data quality.
* Support creation, tuning, and maintenance of **detection rules, correlations, and filters**, with emphasis on reducing false positives.
* Execute and maintain existing **playbooks, runbooks, and automations** within SIEM/SOAR environments.
* Support the SOC in **Cyber Incident Response** activities, including alert triage, initial containment, and incident documentation.
* Contribute to operational improvements in security monitoring processes and controls.
* Produce **dashboards, technical reports, and operational security metrics**.
**Requirements and Qualifications**

**Essential Knowledge**

* Proven experience (minimum 2 years) in **SIEM/SOAR operation and administration** or SOC-related activities.
* Hands-on experience with SIEM/SOAR tools, preferably **Palo Alto XSIAM and/or Wazuh**.
* Basic to intermediate knowledge of **Python or scripting**, focused on automation and operational adjustments.
* Knowledge of **Regular Expressions (Regex)**.
* Knowledge of **Linux and Windows** operating systems.
* Experience in **security monitoring, incident identification, and incident response**.
* Familiarity with **EDR/XDR** solutions.
* Knowledge of integrations, alert enrichment, and operational-level use of **APIs**.

**Desirable Knowledge**

* Fundamentals of **Cloud Security** (AWS, Azure, or GCP).
* Familiarity with frameworks such as **MITRE ATT&CK**.

**Language**

* English, for handling support tickets with vendors.

**Academic Background**

* Completed bachelor's degree in Information Technology, Networking, Computer Science, Engineering, or a related field.

**Desirable Certifications**

* CompTIA Security+
* SIEM/SOAR or Palo Alto (Cortex/XSIAM) certifications
* Other security certifications will be considered a plus.

**Additional Information**

**Soft Skills**

* Organization and strong time management.
* Clear communication and professional demeanor.
* Proactivity.
* Collaboration and the ability to work effectively in teams.

Agility is a company that promotes innovative technology solutions every day to improve and develop businesses. We create transformative strategies that advance the market. We believe a simple solution can be a major step forward. If you believe this too, join our team!