What are the responsibilities and job description for the SOAR Security Engineer - SOC Automation position at Gardner Resources Consulting?
We are seeking a SOAR Security Engineer - SOC Automation Specialist who blends SOC Analyst expertise with SOAR development to bridge the gap between incident response and security automation. This role requires hands-on experience investigating security alerts and incidents while documenting and automating workflows in real time to improve SOC operations.
The ideal candidate will work closely with SOC Analysts, Security Engineers, and SOAR Developers to identify repeatable processes, develop automation playbooks, and enhance security response efficiency.
Key Responsibilities:
- Monitor, analyze, and respond to security alerts and incidents as a Level 3 SOC Analyst.
- Develop and implement automation playbooks using SOAR platforms (e.g., Splunk SOAR, Cortex XSOAR, Swimlane, IBM Resilient).
- Identify repetitive SOC workflows and convert them into automated processes using Python and APIs.
- Document security investigations, triage workflows, and response steps to facilitate automation development.
- Work closely with SOC analysts and SOAR developers to optimize alert handling, containment, and remediation processes.
- Test, troubleshoot, and refine automation playbooks to improve effectiveness and reduce false positives.
- Collaborate with security engineers to refine detection rules, enhance alerting logic, and improve security visibility.
- Stay up to date on emerging cyber threats, attack techniques, and security automation best practices.
Must-Have Qualifications:
Preferred Qualifications: