Infosec SOAR Engineer

POSITION SUMMARY

Zoetis, Inc. is the world's largest producer of medicine and vaccinations for pets and livestock. The Zoetis Tech & Digital (ZTD) Global ERP organization is as a key building block of ZTD comprising of enterprise applications and systems platforms.

Join us at Zoetis India Capability Center (ZICC) in Hyderabad, where innovation meets excellence. As part of the world's leading animal healthcare company, ZICC is at the forefront of driving transformative advancements and applying technology to solve the most complex problems. Our mission is to ensure sustainable growth and maintain a competitive edge for Zoetis globally by leveraging the exceptional talent in India.

At ZICC, you'll be part of a dynamic team that partners with colleagues worldwide, embodying the true spirit of One Zoetis. Together, we ensure seamless integration and collaboration, fostering an environment where your contributions can make a real impact. Be a part of our journey to pioneer innovation and drive the future of animal healthcare.

The Information Security Strategy & Risk Management team at Zoetis ensures a secure strategy through a disciplined process of making colleagues security savvy, driving down residual risk, reducing the attack surface, all while enabling the business. This team is responsible for critical services that strengthen Zoetis security posture, including protecting sensitive data, identifying and mitigating cyber threats, and seamlessly integrating secure assets during organizational changes. Key functions within the team include Security Operations, Vulnerability Management, Threat Intelligence, Security Awareness, Mergers & Acquisitions Security, and Operational Technology (OT) Security. Through these services, the team empowers the organization to operate securely and efficiently in a dynamic digital environment.

The SOAR Engineer is responsible for designing, implementing, and maintaining automated security workflows to streamline incident response and threat management within an organization. This role involves integrating various security tools, developing playbooks, and collaborating with security analysts to enhance detection, investigation, and remediation processes.

POSITION RESPONSIBILITIES

Percent of Time

Design, build, and optimize XSOAR playbooks for alert triage, enrichment (Threat Intel, EDR, SIEM), containment, escalation, and reporting.

Integrate SOAR with SIEM, EDR (CrowdStrike, Threat Intel, ITSM, Identity, Email (M365), and Data Security applications.

Maintain platform health: monitor performance, review logs, manage integrations, handle upgrades, and troubleshoot failures.

Implement robust error handling, retries, and circuit breakers within playbooks; ensure idempotent and safe actions.

Develop and maintain documentation for playbooks, integrations, operational procedures, and release notes.

Partner with SOC analysts, threat hunters, IR, and IT teams to translate requirements into reliable automation; conduct UAT and stakeholder signoffs.

Establish version control, testing, and CI/CD practices for playbook code and content (e.g., Git-based workflows)

Track and report automation KPIs; recommend enhancements based on new SOAR features and operational trends. 100%

ORGANIZATIONAL RELATIONSHIPS

Collaborates closely with onshore security teams, including Security Operations, Vulnerability Management, Threat Intelligence, Security Awareness and Data Protection

Works with cross-functional teams such as Infrastructure, Application Development, and Cloud Engineering to ensure seamless integration and operation of security tools.

Partners with Identity and Access Management teams to implement and maintain secure access controls.

Engages with external vendors and service providers to evaluate and integrate third-party security solutions.

EDUCATION AND EXPERIENCE

Education:

University Degree in Computer Science or Information Systems is required.

MS or advanced identity courses or other applicable certifications is desirable, including Certified Information Systems Security Professional (CISSP)

Certifications: Palo Alto Networks PCSAE; CISSP or similar; cloud security exposure (AWS/Azure/GCP)

Experience:

6-8 years in security automation in SOC environments

Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience).

Excellent problem-solving, communication, and documentation skills; ability to work across time zones.

TECHNICAL SKILLS REQUIREMENTS

Hands-on experience with Palo Alto Networks Cortex XSOAR and Python scripting for automation/integration

Familiarity with REST APIs, JSON, webhooks, and secure credential handling; experience building custom integrations/connectors.

Understanding of SOC processes and incident response lifecycle (triage, containment, eradication, recovery)

Experience operating in SIEM-centric workflows and integrating case management systems.

Familiarity with secure coding practices, secrets management (Vault/KMS), and role-based access control in SOAR

PHYSICAL POSITION REQUIREMENTS

Regular working hours are from 3:00 AM to 12:00 PM EST. (ICC Second Shift)

About Zoetis

At Zoetis, our purpose is to nurture the world and humankind by advancing care for animals. As a Fortune 500 company and the world leader in animal health, we discover, develop, manufacture and commercialize vaccines, medicines, diagnostics and other technologies for companion animals and livestock. We know our people drive our success. Our award-winning culture, built around our Core Beliefs, focuses on our colleagues careers, connection and support. We offer competitive healthcare and retirement savings benefits, along with an array of benefits, policies and programs to support employee well-being in every sense, from health and financial wellness to family and lifestyle resources.

Global Job Applicant Privacy Notice