Qureos

SOAR Engineer Security Automation Specialist

Job Summary
We are seeking an experienced SOAR Engineer Security Automation Specialist to lead the design, development, and optimization of security orchestration, automation, and response capabilities. This role focuses on building scalable automation workflows, integrating security tools, and improving overall security operations efficiency.

Key Responsibilities
Lead design, configuration, deployment, and maintenance of SOAR platforms, ensuring stability, availability, and performance
Develop, test, and deploy automated playbooks for alert triage, threat enrichment, containment, and incident response
Identify opportunities to automate repetitive SOC tasks and reduce response times
Build and maintain integrations between the SOAR platform and security tools, including SIEM, EDR, email security, threat intelligence, IAM, and cloud platforms
Develop API-based integrations to enable seamless data flow and automated response actions
Create custom scripts using Python, PowerShell, and other tools to extend platform capabilities
Collaborate with SOC analysts, detection engineers, and incident responders to translate manual processes into automation
Monitor platform health, track metrics, and improve automation effectiveness
Develop dashboards and reports for playbook performance and operational efficiency
Troubleshoot and resolve integration issues, playbook failures, and performance bottlenecks
Create and maintain documentation, including playbooks, runbooks, architecture diagrams, and standard procedures

Required Qualifications
Minimum 5 years of experience in cybersecurity engineering or security operations
Hands-on experience with SOAR platforms such as Palo Alto Cortex XSOAR, Splunk SOAR, Swimlane, Tines, CrowdStrike Fusion, or similar
Strong proficiency in Python and PowerShell scripting
Experience building API integrations using RESTful services
Experience working with SIEM platforms, EDR tools, ticketing systems, and threat intelligence platforms
Strong understanding of security operations workflows, including alert triage, incident response, and escalation
Ability to collaborate across teams and communicate technical concepts effectively

Preferred Qualifications
Experience with cloud security platforms and modern enterprise environments
Familiarity with automation metrics monitoring and reporting
Experience working in large-scale or global security operations environments

Pay: $90,537.82 - $109,034.79 per year

Benefits:

  • Dental insurance
  • Flexible schedule

Application Question(s):

  • Do you have hands-on experience with SOAR platforms such as Cortex XSOAR, Splunk SOAR, Tines, or similar? If yes, please specify which platforms and your level of expertise.
  • How many years of experience do you have in cybersecurity engineering or security operations?
  • Do you have experience developing automation playbooks and workflows for incident response and alert triage?
  • What scripting languages are you proficient in, such as Python or PowerShell, and how have you used them in security automation?
  • Have you integrated security tools such as SIEM, EDR, ticketing systems, or threat intelligence platforms using APIs? Please provide examples.

Work Location: Remote
