**Job Summary:** Agility is seeking a Senior Information Security Analyst with strong technical expertise and systemic vision to lead the evolution of security incident detection, automation, and response processes.

**Key Highlights:**

1. Technical reference in SIEM/SOAR with focus on Palo Alto XSIAM and Wazuh.
2. Handling high-complexity incident investigation and response.
3. Opportunity to lead the organization's cyber maturity evolution.

Agility seeks a Senior Information Security Analyst with strong technical expertise, systemic vision, and autonomy. This professional will serve as the **technical reference for SIEM/SOAR**, working directly with Palo Alto XSIAM and Wazuh, and leading the evolution of security incident detection, automation, and response processes.

**Responsibilities and Duties**

**Main Activities:**

* Administer, maintain, and evolve the **Palo Alto XSIAM and Wazuh** platforms, ensuring availability, performance, and adherence to best practices.
* **Design, develop, and maintain log ingestion integrations and pipelines**, defining standards for quality, normalization, and retention.
* **Design and implement advanced use cases**, detection rules, and correlation logic, focusing on effectiveness and continuous reduction of false positives.
* **Design, develop, and maintain playbooks, runbooks, and automations** within SIEM/SOAR environments.
* Conduct **investigation and response to high-complexity incidents**, including containment, root cause analysis, and improvement recommendations.
* **Technically lead the SOC** during critical incidents, acting as the focal point and guiding less-experienced analysts.
* Propose and implement architectural, process, and automation improvements to elevate the organization's cyber maturity.
* Define and monitor **security KPIs and metrics**, producing technical and executive reports.
* Serve as the **internal technical reference** on topics related to SIEM, XDR, and security automation.
**Requirements and Qualifications**

**Mandatory Knowledge**

* Proven experience (minimum 4 years) in **SIEM/SOAR administration and evolution**.
* Practical experience with **Palo Alto XSIAM and/or Wazuh** in production environments.
* Proficiency in **Python, scripting, and security automation design**.
* Solid knowledge of **Regex** and log manipulation.
* Proficiency in **Linux and Windows**.
* Proven experience in **Incident Response**, including critical incidents.
* Strong knowledge of **EDR/XDR** and integration with SIEM.
* Experience with integrations via **APIs**, alert enrichment, and advanced automations.

**Desirable Knowledge**

* Experience with **Cloud Security** (AWS, Azure, or GCP).
* Knowledge of frameworks such as **MITRE ATT&CK** and **NIST 800-53**.
* Familiarity with standards such as **NIST CSF**, **ISO 27001**, **OWASP**, and security controls.

**Language**

* English for handling support tickets with vendors.

**Academic Background**

* Completed undergraduate degree in Information Technology, Networking, Computer Science, Engineering, or related fields.

**Desirable Certifications**

* Certifications in **SIEM/SOAR or Palo Alto Cortex/XSIAM**.
* CompTIA Security+ or equivalent.
* Cloud Security certifications will be considered a differentiator.

**Additional Information**

**Soft Skills**

* Autonomy and sense of ownership.
* Ability to make technical decisions.
* Clear communication and technical influence.
* Organization and priority management.
* Collaboration and mentoring of less-experienced professionals.

Agility is a company that promotes innovative technology solutions every day to improve and develop businesses. We create strategies that transform to advance the market. We believe that a simple solution can be a major step forward. If you believe in this too, join our team!