
IBM • Lima, Lima, Peru
Role & seniority: Technical Consultant, Threat Detection Content & Administration (mid-level; 2+ years in SecOps/SOC Automation)
Stack/tools: Google SecOps (Chronicle), Palo Alto XSIAM, SIEM/XDR/EDR, SOAR, Python, REST API integrations, security automation concepts, incident analysis
Operate, configure, and maintain Google SecOps and/or Palo Alto XSIAM platforms; develop and tune automation playbooks, rules, and workflows
Develop custom automation actions in Python; design/integrate security tools and data sources via REST APIs
Analyze IOCs, investigate alerts, support security investigations, and collaborate with SOC and engineering teams to raise detection/automation maturity
Hands-on experience with Google SecOps (Chronicle) and/or Palo Alto XSIAM
Strong understanding of security automation concepts (playbooks, rules, workflows)
Experience developing Python-based integrations/automations; REST API experience
Knowledge of SIEM/XDR/EDR and SecOps workflows; alert analysis and incident handling
2+ years in SecOps, SOC Engineering, or Security Automation; intermediate English
Experience with other SOAR platforms (IBM SOAR, Splunk SOAR, Cortex XSOAR)
Bash, PowerShell, or CI/CD tooling for advanced automation
Understanding of MITRE ATT&CK and NIST frameworks
Security use-case design experience; relevant cloud security certifications (Google Cloud Security, Palo Alto
Introduction
A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.
Your Role And Responsibilities
Operate and administer Google SecOps (formerly Chronicle Security) and/or Palo Alto XSIAM platforms. Design, configure, and maintain automation workflows, including playbooks, actions, automations, and rules. Develop and maintain custom automation actions using Python. Integrate security tools and data sources using REST APIs. Analyze indicators of compromise (IOCs), investigate alerts, and support security incident investigations. Collaborate with SOC and engineering teams to improve detection, response, and automation maturity across the SecOps ecosystem.
(Please note that, based on client sensitivity, all applicants will be required to undergo a background check, including legal and financial reviews (among others), as well as a general skills and knowledge assessment as part of the recruitment process.)
Required Technical And Professional Expertise
Hands-on experience operating Google SecOps (Chronicle) and/or Palo Alto XSIAM. Solid understanding of security automation concepts (playbooks, rules, workflows). Experience developing custom integrations or automations using Python. Practical knowledge of REST API integrations between security platforms. Strong understanding of SIEM, XDR/EDR, and how security controls operate within a SecOps ecosystem. Experience with alert analysis, IOC handling, and incident investigation. 2+ years of experience in similar SecOps, SOC Engineering, or Security Automation roles. Intermediate English level (technical communication).
Preferred Technical And Professional Experience
Previous experience automating processes using traditional SOAR platforms, such as IBM SOAR, Splunk SOAR, Cortex XSOAR, or similar. Knowledge of Bash, PowerShell, or CI/CD tools to support advanced automation use cases. Understanding of security frameworks such as MITRE ATT&CK and NIST. Experience designing security use cases or automation use cases. Certifications related to Google Cloud Security or Palo Alto Networks are a strong plus.