I will do SOC automation with GenAI
CISSP | Security Engineer | AWS | GCP | Azure | AI Security | Automation
About this Gig
Drowning in alerts? I'll make your SOC intelligent.
I build GenAI-powered security automation workflows that auto-triage alerts, enrich context, and classify True Positive vs False Positive - without a human touching it.
CISSP certified. Built this at enterprise scale.
100+ SIEM data sources. Real SOC. Real automation.
What I deliver:
- GenAI alert triage engine (Claude / GPT based)
- SIEM + XDR + ticketing integration via API/MCP
- Automated TP/FP classification workflow
- SOAR playbook design and implementation
- Incident enrichment from threat intel sources
- Jira / PagerDuty / Slack notification automation
- Full documentation and runbook
Deployment options:
- AWS Lambda (serverless, event-driven)
- Google Cloud Functions (GCP native)
- Azure Functions (Microsoft stack)
- Native SOAR (Palo Alto XSOAR, Splunk SOAR)
- Your own server or VM (Python scripts)
Tech stack I work with:
SIEM: Splunk, Coralogix, Sentinel, QRadar
XDR: CrowdStrike, SentinelOne, Defender
SOAR: Palo Alto XSOAR, Splunk SOAR, custom Python
GenAI: Claude, GPT-4, LangChain, MCP
Ticketing: Jira, ServiceNow, PagerDuty
Message me first - every SOC is different.
Device: Server
Operating system: Linux
FAQ
What SIEM and SOAR platforms do you support?
I work with Splunk, Microsoft Sentinel, Coralogix and QRadar for SIEM, and with Palo Alto XSOAR, Splunk SOAR and custom Python-based automation for SOAR. I also support CrowdStrike, SentinelOne and Defender for XDR integration.
What does "1 alert automation" actually mean?
I pick one alert type from your SIEM or XDR, build the full GenAI triage workflow end to end - context fetching, TP/FP classification, enrichment, and automated response or ticket creation. Fully tested and documented.
Do you need access to our environment?
Read-only API access or sample alert logs are enough to start. No admin access required. Everything is discussed and agreed before we begin.
Can this work with our existing ticketing system?
Yes. I integrate with Jira, ServiceNow, PagerDuty and Slack for automated ticket creation and notifications as part of the SOC automation workflow.
Are you CISSP certified?
Yes. CISSP certified with AWS Security Specialty, GCP Cloud Security Engineer and Azure Security Engineer certifications. 5+ years in enterprise security.
Which GenAI models do you use for SOC automation?
I primarily use Claude AI with MCP integrations and GPT-4 for security alert triage. The model is chosen based on your environment. I also work with LangChain for agentic workflows and custom prompt engineering for accurate TP/FP classification.
Is it safe to use GenAI with sensitive security data?
Yes. I design GenAI workflows with data privacy in mind. No raw logs are sent to external models without masking PII first. The workflow can be deployed fully on-premises or in a private cloud using self-hosted LLMs if your policy requires it.
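As an added illustration of the masking step described in the answer above (example code written for this page, not the seller's delivery; the sample alert, the hostname convention and the placeholder format are constructed assumptions), this masks identifiers before an alert leaves the SOC and restores them in the model's verdict afterwards:

```python
import json
import re

# Constructed sample alert, shaped like a SIEM detection; not a real log.
SAMPLE_ALERT = {
    "rule": "Impossible travel login",
    "user": "jane.doe@example.com",
    "src_ip": "203.0.113.45",
    "host": "LAPTOP-JDOE01",
    "message": "jane.doe@example.com logged in from 203.0.113.45 then 198.51.100.7",
}

# Patterns for the identifier classes to hide. The hostname pattern assumes
# a LAPTOP-<id> naming convention; adapt it to the environment's own.
PATTERNS = {
    "EMAIL": re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+"),
    "IP": re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    "HOST": re.compile(r"\bLAPTOP-[A-Z0-9]+\b"),
}

def mask_alert(alert):
    """Return (masked_alert, mapping). The same raw value always gets the same
    placeholder, so the model can still tell that two fields name one entity."""
    mapping, counters = {}, {}
    def placeholder(kind, value):
        if value not in mapping:
            counters[kind] = counters.get(kind, 0) + 1
            mapping[value] = f"<{kind}_{counters[kind]}>"
        return mapping[value]
    def mask_text(text):
        for kind, pat in PATTERNS.items():
            text = pat.sub(lambda m, k=kind: placeholder(k, m.group(0)), text)
        return text
    masked = {k: mask_text(v) if isinstance(v, str) else v for k, v in alert.items()}
    return masked, mapping

def leaks(masked):
    """Defence in depth: any raw value the patterns still find in the masked payload."""
    text = json.dumps(masked)
    return [m.group(0) for pat in PATTERNS.values() for m in pat.finditer(text)]

def build_triage_prompt(masked):
    """Only the masked alert is ever placed in the prompt sent to an external model."""
    return ("Classify this alert as TRUE_POSITIVE or FALSE_POSITIVE and explain why.\n"
            + json.dumps(masked, indent=2))

def unmask(verdict, mapping):
    """Restore real values in the model's answer for the analyst and the ticket.
    Longer placeholders first so <IP_1> is never replaced inside <IP_10>."""
    for value, token in sorted(mapping.items(), key=lambda kv: -len(kv[1])):
        verdict = verdict.replace(token, value)
    return verdict
```

The mapping stays inside your environment; only the placeholder form of the alert crosses the API boundary.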
