Key Skills: SOAR Platform Engineering, Security Orchestration, Microsoft Defender Suite, CrowdStrike Falcon, Microsoft Sentinel, API Integration, Automation Workflows, Threat Intelligence, SOC Operations, SIEM Platforms
Good to Have Skills: Microsoft Purview, Microsoft Identity Protection, Entra ID, Graph API, Datto Autotask, Email security solutions, Cloud security solutions, AI-driven security operations, Endpoint detection and response platforms, Identity and authentication platforms, Python scripting, REST APIs, Webhooks, SDKs, Custom connectors
Roles & Responsibilities:
- Design, develop, implement, and maintain SOAR playbooks and automation workflows for SOC operations
- Build scalable security orchestration workflows for alert triage, automated enrichment, and incident response
- Implement and maintain integrations between SOAR platforms and various security technologies using APIs and webhooks
- Develop automation logic to improve SOC efficiency and reduce Mean Time to Respond and Mean Time to Resolve
- Support SOAR platform lifecycle management including upgrades, change management, testing, and governance
- Work collaboratively with SOC teams to identify automation opportunities and operational enhancements
- Contribute to AI-enabled SOC initiatives and intelligent automation projects for security operations
- Coordinate automation initiatives with internal stakeholders and external vendors for implementation support
- Maintain technical documentation, workflow diagrams, integration references, and operational runbooks
- Support cross-functional cybersecurity projects and operational improvements across the organization
Experience Required: Strong hands-on experience in cybersecurity automation, SOAR platform engineering, SOC workflow orchestration, and security integrations across modern security ecosystems