Lead Security Automation Engineer

Posted by Virtusa

  • Category: IT
  • Job type: Full time
  • Job location: Colombo

Job description

Key responsibilities and Accountabilities

  • Develop and optimize automation workflows within Torq Hyperautomation or other SOAR platforms such as XSOAR, Splunk SOAR, LogicHub and Swimlane
  • Build API integrations between security tools such as SIEMs, EDRs, XDRs, case management systems and cloud platforms
  • Work extensively with JSON formatting, parsing and data transformations to enable seamless data exchange across multiple security platforms
  • Streamline incident response automation to improve efficiency, reduce MTTR and enhance security event correlation
  • Design and maintain fault-tolerant automation processes that scale across thousands of clients
  • Maintain and optimize CI/CD pipeline infrastructure within a SOAR platform
  • Collaborate with SOC analysts, DFIR teams and threat intelligence groups to refine and enhance automation capabilities
  • Lead migration projects to improve automation platforms, ensuring seamless transitions without impacting security operations
  • Continuously evaluate and implement emerging automation techniques to enhance SOC and MSSP workflows

Skills and Ability

Must Have Skills and Experience

  • 1+ years of experience in security automation, SOAR engineering or cybersecurity automation within an MSSP, DFIR or enterprise security environment
  • Extensive experience working with JSON, including JSON schema design, manipulation, parsing and API-based data transformations
  • Strong scripting skills in Python, PowerShell or Bash for workflow automation
  • Proficiency in API development and integration, including RESTful APIs, JSON-based APIs and webhook automation
  • Experience working with SIEMs such as Splunk, Sentinel, QRadar and Rapid7 IDR, and with EDR or XDR tools such as CrowdStrike, SentinelOne, Stellar Cyber and Cortex XDR
  • Knowledge of incident response, threat intelligence and security event lifecycle management

Nice to Have Skills

  • Experience in multi-client environments (MSSPs, IR firms or security service providers)
  • Hands-on experience with Torq Hyperautomation, XSOAR, Splunk SOAR or similar platforms
  • Certifications such as Torq SOAR Analyst, Torq SOAR Expert, CompTIA Security+, or AWS or Azure security certifications
  • Proficiency in using jq filters for data manipulation
  • Familiarity with CI/CD pipelines such as Azure DevOps
  • Experience automating cloud security workflows (AWS, Azure, Google Cloud)
  • Familiarity with case management automation and cross-platform data normalization
  • Prior experience leading SOAR migration projects or developing custom security playbooks
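
The JSON transformation and cross-platform normalization work this role describes comes down to one recurring task: taking alerts whose field names, severity scales, timestamp formats and entity layouts differ per vendor, and mapping them onto a single case schema so that events from different tools correlate and a malformed alert does not abort the playbook. The Python below is an added illustration for this posting, not code from Virtusa or from any SOAR or EDR vendor. Both input payloads are constructed samples with assumed field names; they do not reproduce any real product's API schema, and the four-level severity scale and correlation key are design choices made here for the example.

```python
"""Normalise alert JSON from two (constructed) platforms into one case schema.

Added example for this posting; not Virtusa's code nor any vendor's.
Both payload shapes are assumptions for illustration, not real API schemas.
"""
import hashlib
import json
import re
from datetime import datetime, timezone
from typing import Any, Dict, List, Optional

# Constructed sample payloads (assumed field names, not real vendor formats).
EDR_ALERT_JSON = """{
  "detection_id": "det-1001",
  "severity": 70,
  "hostname": "WS-042",
  "user": "jdoe",
  "timestamp": 1717000000,
  "tactic": "Credential Access",
  "file_hash": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
}"""

SIEM_ALERT_JSON = """{
  "IncidentNumber": 55,
  "Severity": "High",
  "Entities": [{"Type": "host", "Name": "ws-042"},
               {"Type": "account", "Name": "JDOE"}],
  "TimeGenerated": "2024-05-29T16:26:40Z",
  "Tactics": ["CredentialAccess"]
}"""

# Common severity scale of the case schema: 1 low .. 4 critical (assumed here).
_SEVERITY_WORDS = {"informational": 1, "low": 1, "medium": 2, "high": 3, "critical": 4}


def normalize_severity(value: Any) -> int:
    """Map a 0-100 number or a severity word onto 1..4. Unknown or missing
    values fall back to 2 (medium) instead of raising, so one odd alert
    cannot stop the whole playbook run."""
    if isinstance(value, (int, float)):
        return 1 if value < 25 else 2 if value < 50 else 3 if value < 75 else 4
    if isinstance(value, str):
        return _SEVERITY_WORDS.get(value.strip().lower(), 2)
    return 2


def normalize_time(value: Any) -> Optional[str]:
    """Accept epoch seconds or ISO 8601 (including a trailing 'Z') and emit
    ISO 8601 in UTC, so timestamps from both platforms compare directly."""
    if value is None:
        return None
    if isinstance(value, (int, float)):
        dt = datetime.fromtimestamp(value, tz=timezone.utc)
    else:
        dt = datetime.fromisoformat(str(value).replace("Z", "+00:00"))
        if dt.tzinfo is None:  # naive timestamps are assumed to be UTC
            dt = dt.replace(tzinfo=timezone.utc)
    return dt.astimezone(timezone.utc).isoformat()


def normalize_tactic(value: Any) -> Optional[str]:
    """'Credential Access' and ['CredentialAccess'] must compare equal."""
    if not value:
        return None
    if isinstance(value, list):
        value = value[0]
    return re.sub(r"[^a-z0-9]", "", str(value).lower()) or None


def _finish(case: Dict[str, Any]) -> Dict[str, Any]:
    """Add a correlation key from normalised host, user and tactic, so alerts
    about the same activity from different platforms land in one case."""
    material = "|".join(str(case.get(k) or "") for k in ("host", "user", "tactic"))
    case["correlation_key"] = hashlib.sha256(material.encode()).hexdigest()
    return case


def from_edr(raw: str) -> Dict[str, Any]:
    """Normalise the assumed EDR shape; .get() everywhere so a missing field
    becomes None rather than a KeyError mid-playbook."""
    a = json.loads(raw)
    indicators: List[Dict[str, str]] = []
    fh = a.get("file_hash")
    if isinstance(fh, str) and re.fullmatch(r"[0-9a-fA-F]{64}", fh):
        indicators.append({"type": "sha256", "value": fh.lower()})
    return _finish({
        "source": "edr",
        "source_id": str(a.get("detection_id")),
        "severity": normalize_severity(a.get("severity")),
        "host": (a.get("hostname") or "").lower() or None,
        "user": (a.get("user") or "").lower() or None,
        "observed_at": normalize_time(a.get("timestamp")),
        "tactic": normalize_tactic(a.get("tactic")),
        "indicators": indicators,
    })


def from_siem(raw: str) -> Dict[str, Any]:
    """Normalise the assumed SIEM shape, where host and user sit in an entity list."""
    a = json.loads(raw)
    ents = {e.get("Type"): e.get("Name") for e in a.get("Entities", []) if isinstance(e, dict)}
    return _finish({
        "source": "siem",
        "source_id": str(a.get("IncidentNumber")),
        "severity": normalize_severity(a.get("Severity")),
        "host": (ents.get("host") or "").lower() or None,
        "user": (ents.get("account") or "").lower() or None,
        "observed_at": normalize_time(a.get("TimeGenerated")),
        "tactic": normalize_tactic(a.get("Tactics")),
        "indicators": [],
    })


def correlate(cases: List[Dict[str, Any]]) -> Dict[str, List[str]]:
    """Group normalised cases by correlation key -> ['source:id', ...]."""
    groups: Dict[str, List[str]] = {}
    for c in cases:
        groups.setdefault(c["correlation_key"], []).append(f"{c['source']}:{c['source_id']}")
    return groups


if __name__ == "__main__":
    cases = [from_edr(EDR_ALERT_JSON), from_siem(SIEM_ALERT_JSON)]
    print(json.dumps(cases, indent=2))
    print(json.dumps(correlate(cases), indent=2))
```

Run stand-alone, the two alerts (one numeric severity and epoch time, one word severity and ISO time, with the host and user in different places and different casing) reduce to identical host, user, tactic, severity and timestamp values and therefore the same correlation key, which is what lets a case management step merge them instead of opening two tickets. The defensive `.get()` calls and the fallback in `normalize_severity` are the fault-tolerance the posting asks for: a payload missing fields still produces a (partial) case rather than crashing the workflow.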
