Position Overview

We are seeking a Security Automation Engineer with strong experience in Torq (preferred) or Cortex XSOAR to architect and evolve our automation ecosystem.

This role extends beyond playbook creation. You will:

• Engineer intelligent, AI-assisted automation workflows
• Develop agentic SOC orchestration strategies
• Own automation performance reporting and metrics
• Build client-facing and executive dashboards in Power BI
  
  

This is a high-impact engineering role that sits at the intersection of security operations, applied AI, and operational intelligence.

Responsibilities

SOAR & Automation Engineering

• Design and maintain advanced workflows in Torq (preferred)
• Develop modular, reusable automation templates for MSSP multi-tenancy
• Implement automated enrichment, triage, containment, and remediation workflows
• Engineer conditional and parallel logic to optimize MTTR
• Integrate APIs across EDR, SIEM, firewall, IAM, email security, and cloud platforms
• Maintain workflow logging, observability, and reliability
  
  

AI & Agentic Automation

• Design AI-assisted decision support within SOC workflows
• Implement LLM-powered alert summarization and investigation assistance
  
  

Build agentic workflows that:

• Adapt dynamically based on investigation findings
• Execute conditional response strategies
• Escalate with intelligent human-in-the-loop controls
• Evaluate and integrate emerging AI automation capabilities within Torq
• Define safe operational boundaries for AI-driven actions
  
  

Reporting & Operational Intelligence

• Develop automation performance dashboards within the SOAR platform
• Track and report on:
• Alert volume reduction
• Automation success rate
• MTTR improvement
• False positive reduction
• Tier 1 workload reduction
• Build and maintain executive-level dashboards in Power BI
• Integrate data from:
• SOAR
• SIEM
• EDR
• Ticketing systems
• Design multi-tenant reporting models suitable for MSSP client delivery
• Translate technical SOC metrics into executive-ready security outcomes
  
  

SOC Optimization & Scale

• Identify high-volume, high-toil alert categories for automation
• Build approval-gated containment workflows
• Implement automation change control processes
• Partner with SOC leadership to continuously improve operational maturity
  
  

Other duties as required within the context of the role.

Qualifications

4+ years in Security Operations or Security Engineering

• 3+ years hands-on SOAR experience
• Direct experience with Torq (strongly preferred)
  
  

Cortex XSOAR acceptable with demonstrated adaptability

• Experience building dashboards in Power BI
• Strong understanding of SOC workflows and incident response lifecycle
• Experience integrating REST APIs (JSON, webhooks)
• Proficiency in Python scripting
• Experience working in a multi-tenant MSSP environment (preferred)
  
  

Preferred Experience

• Experience integrating AI/LLMs into automation workflows
• Experience designing security metrics programs
• Familiarity with:
• CrowdStrike
• Palo Alto
• Fortinet
• Microsoft Defender
• Modern SIEM platforms
• Email Security
• Experience designing executive security reporting
• Knowledge of MITRE ATT&CK
  
  

Must be eligible to work for any U.S. employer without the need for sponsorship now or in the future.

Compensation

This role offers a base salary range of $70,000–$92,000.

Vacancy

We have 1 available position(s).