Security Automation Engineer

Job Type: Full Time

Position Overview

We are seeking a Security Automation Engineer with strong experience in Torq (preferred) or Cortex XSOAR to architect and evolve our automation ecosystem.

This role extends beyond playbook creation. You will:

• Engineer intelligent, AI-assisted automation workflows

• Develop agentic SOC orchestration strategies

• Own automation performance reporting and metrics

• Build client-facing and executive dashboards in Power BI

This is a high-impact engineering role that sits at the intersection of security operations, applied AI, and operational intelligence.

Responsibilities

SOAR & Automation Engineering

• Design and maintain advanced workflows in Torq (preferred)

• Develop modular, reusable automation templates for MSSP multi-tenancy

• Implement automated enrichment, triage, containment, and remediation workflows

• Engineer conditional and parallel logic to optimize MTTR

• Integrate APIs across EDR, SIEM, firewall, IAM, email security, and cloud platforms

• Maintain workflow logging, observability, and reliability

AI & Agentic Automation

• Design AI-assisted decision support within SOC workflows

• Implement LLM-powered alert summarization and investigation assistance

Build agentic workflows that:

• Adapt dynamically based on investigation findings

• Execute conditional response strategies

• Escalate with intelligent human-in-the-loop controls

• Evaluate and integrate emerging AI automation capabilities within Torq

• Define safe operational boundaries for AI-driven actions

Reporting & Operational Intelligence

• Develop automation performance dashboards within the SOAR platform

• Track and report on:

• Alert volume reduction

• Automation success rate

• MTTR improvement

• False positive reduction

• Tier 1 workload reduction

• Build and maintain executive-level dashboards in Power BI

• Integrate data from:

• SOAR

• SIEM

• EDR

• Ticketing systems

• Design multi-tenant reporting models suitable for MSSP client delivery

• Translate technical SOC metrics into executive-ready security outcomes

SOC Optimization & Scale

• Identify high-volume, high-toil alert categories for automation

• Build approval-gated containment workflows

• Implement automation change control processes

• Partner with SOC leadership to continuously improve operational maturity

Other duties as required within the context of the role.

Qualifications

4+ years in Security Operations or Security Engineering

• 3+ years hands-on SOAR experience

• Direct experience with Torq (strongly preferred)

Cortex XSOAR acceptable with demonstrated adaptability

• Experience building dashboards in Power BI

• Strong understanding of SOC workflows and incident response lifecycle

• Experience integrating REST APIs (JSON, webhooks)

• Proficiency in Python scripting

• Experience working in a multi-tenant MSSP environment (preferred)

Preferred Experience

• Experience integrating AI/LLMs into automation workflows

• Experience designing security metrics programs

• Familiarity with:

• CrowdStrike

• Palo Alto

• Fortinet

• Microsoft Defender

• Modern SIEM platforms

• Email Security

• Experience designing executive security reporting

• Knowledge of MITRE ATT&CK

Must be eligible to work for any U.S. employer without the need for sponsorship now or in the future.

Compensation

This role offers a base salary range of $70,000–$92,000.

Vacancy

We have 1 available position(s).

How we hire