About this role
POSITION SUMMARY
Zoetis, Inc. is the world's largest producer of medicine and vaccinations for pets and livestock. The Zoetis Tech & Digital (ZTD) Global ERP organization is as a key building block of ZTD comprising of enterprise applications and systems platforms.
Join us at Zoetis India Capability Center (ZICC) in Hyderabad, where innovation meets excellence. As part of the world's leading animal healthcare company, ZICC is at the forefront of driving transformative advancements and applying technology to solve the most complex problems. Our mission is to ensure sustainable growth and maintain a competitive edge for Zoetis globally by leveraging the exceptional talent in India.
At ZICC, you'll be part of a dynamic team that partners with colleagues worldwide, embodying the true spirit of One Zoetis. Together, we ensure seamless integration and collaboration, fostering an environment where your contributions can make a real impact. Be a part of our journey to pioneer innovation and drive the future of animal healthcare.
The Information Security Strategy & Risk Management team at Zoetis ensures a secure strategy through a disciplined process of making colleagues security savvy, driving down residual risk, reducing the attack surface, all while enabling the business. This team is responsible for critical services that strengthen Zoetis' security posture, including protecting sensitive data, identifying and mitigating cyber threats, and seamlessly integrating secure assets during organizational changes. Key functions within the team include Security Operations, Vulnerability Management, Threat Intelligence, Security Awareness, Mergers & Acquisitions Security, and Operational Technology (OT) Security. Through these services, the team empowers the organization to operate securely and efficiently in a dynamic digital environment.
The SOAR Engineer is responsible for designing, implementing, and maintaining automated security workflows to streamline incident response and threat management within an organization. This role involves integrating various security tools, developing playbooks, and collaborating with security analysts to enhance detection, investigation, and remediation processes.
POSITION RESPONSIBILITIES
Percent of Time
Design, build, and optimize XSOAR playbooks for alert triage, enrichment (Threat Intel, EDR, SIEM), containment, escalation, and reporting.
Integrate SOAR with SIEM, EDR (CrowdStrike, Threat Intel, ITSM, Identity, Email (M365), and Data Security applications.
Maintain platform health: monitor performance, review logs, manage integrations, handle upgrades, and troubleshoot failures.
Implement robust error handling, retries, and circuit breakers within playbooks; ensure idempotent and safe actions.
Develop and maintain documentation for playbooks, integrations, operational procedures, and release notes.
Partner with SOC analysts, threat hunters, IR, and IT teams to translate requirements into reliable automation; conduct UAT and stakeholder signoffs.
Establish version control, testing, and CI/CD practices for playbook code and content (e.g., Git-based workflows)
Track and report automation KPIs; recommend enhancements based on new SOAR features and operational trends. 100%
ORGANIZATIONAL RELATIONSHIPS
Collaborates closely with onshore security teams, including Security Operations, Vulnerability Management, Threat Intelligence, Security Awareness and Data Protection
Works with cross-functional teams such as Infrastructure, Application Development, and Cloud Engineering to ensure seamless integration and operation of security tools.
Partners with Identity and Access Management teams to implement and maintain secure access controls.
Engages with external vendors and service providers to evaluate and integrate third-party security solutions.
EDUCATION AND EXPERIENCE
Education:
University Degree in Computer Science or Information Systems is required.
MS or advanced identity courses or other applicable certifications is desirable, including Certified Information Systems Security Professional (CISSP)
Certifications: Palo Alto Networks PCSAE; CISSP or similar; cloud security exposure (AWS/Azure/GCP)
Experience:
6-8 years in security automation in SOC environments
Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience).
Excellent problem-solving, communication, and documentation skills; ability to work across time zones.
TECHNICAL SKILLS REQUIREMENTS
Hands-on experience with Palo Alto Networks Cortex XSOAR and Python scripting for automation/integration
Familiarity with REST APIs, JSON, webhooks, and secure credential handling; experience building custom integrations/connectors.
Understanding of SOC processes and incident response lifecycle (triage, containment, eradication, recovery)
Experience operating in SIEM-centric workflows and integrating case management systems.
Familiarity with secure coding practices, secrets management (Vault/KMS), and role-based access control in SOAR
PHYSICAL POSITION REQUIREMENTS
Regular working hours are from 3:00 AM to 12:00 PM EST. (ICC Second Shift)
Full timeOther facts
About Zoetis
The world’s leading animal health company. We’ve been innovating ways to predict, prevent, detect, and treat animal illness for over 70 years, and we continue to stand by those raising and caring for animals worldwide – from veterinarians and pet owners to livestock farmers. Our leading portfolio and pipeline makes a difference in over 100 countries.
Community Guidelines:
This page is intended to share how Zoetis is advancing care for animals. We aspire to create a supportive community, but there are guidelines to which posts and comments on this page must adhere.
If your post references a side effect related to any Zoetis product, we may contact you for more information. To monitor the safety of Zoetis products, we advise you to call our Veterinary Medical Information and Product Support Team at 1-888-963-8471; Support Team is available Mon-Fri 9am to 6:30pm ET.
We reserve the right to remove any post/comment that violates LinkedIn Guidelines. As a last resort, we reserve the right to block users that demonstrate a repeated pattern of violating LinkedIn’s spirit of constructive, professional discourse. We respectfully request that you refrain from posting comments including:
Unsolicited and/or unverified medical advice
Vulgarity and/or profanity
Discriminatory and/or derogatory comments, hate speech
Politics and religion
Personal attacks and/or threats
Promotion of illegal activity
Copyright/trademark infringements
Topics that may be considered spam/advertising
Our regular business hours are Mon-Fri 9am to 5pm ET. Zoetis does not endorse and is not responsible for information and opinions shared by community members. The information shared is provided for educational purposes only and is not intended to replace discussions with an animal healthcare professional. Testimonials represent individual experience only and the experiences and opinions of community members may be unique to the speaker. Terms of Use: https://www.zoetis.com/terms-of-use
What you'll do
- The SOAR Engineer is responsible for designing, implementing, and maintaining automated security workflows to streamline incident response and threat management. This includes integrating various security tools and developing playbooks to enhance detection and remediation processes.
Ready to join Zoetis?
Take the next step in your career journey