Key responsibilities and Accountabilities

• Develop and optimize automation workflows within Torq Hyperautomation or other SOAR platforms such as XSOAR Splunk SOAR LogicHub Swimlane
  
• Build API integrations between security tools such as SIEMs EDRs XDRs case management systems and cloud platforms
  
• Extensively work with JSON formatting parsing and data transformations to enable seamless data exchange across multiple security platforms
  
• Streamline incident response automation to improve efficiency reduce MTTR and enhance security event correlation
  
• Design and maintain fault tolerant automation processes that scale across thousands of clients
  
• Maintain and optimize CI CD pipeline infrastructure within a SOAR platform
  
• Collaborate with SOC analysts DFIR teams and threat intelligence groups to refine and enhance automation capabilities
  
• Lead migration projects to improve automation platforms ensuring seamless transitions without impacting security operations
  
• Continuously evaluate and implement emerging automation techniques to enhance SOC and MSSP workflow
  

Must Have Skills and Experience

• 1+ years of experience in security automation, SOAR engineering, or cybersecurity automation within an MSSP, DFIR, or enterprise security environment
  
• Extensive experience working with JSON, including JSON schema design, manipulation, parsing, and API-based data transformations
  
• Strong scripting skills in Python, PowerShell, or Bash for workflow automation
  
• Proficiency in API development and integration, including RESTful APIs, JSON-based APIs, and webhook automation
  
• Experience working with SIEM such as Splunk, Sentinel, QRadar, Rapid7 IDR, and EDR or XDR tools such as CrowdStrike, SentinelOne, Stellar Cyber, Cortex XDR
  
• Knowledge of incident response, threat intelligence, and security event lifecycle management

Nice to Have Skills

• Experience in multi-client environments, MSSP, IR firms, or security service providers
  
• Hands-on experience with Torq Hyperautomation, XSOAR, Splunk SOAR, or similar platforms
  
• Certifications such as Torq SOAR Analyst, Torq SOAR Expert, CompTIA Security+, AWS or Azure Security Certifications
  
• Proficiency in using JQ filters for data manipulation
  
• Familiarity with CI/CD pipelines such as Azure DevOps
  
• Experience automating cloud security workflows (AWS, Azure, Google Cloud)
  
• Familiarity with case management automation and cross-platform data normalization
  
• Prior experience leading SOAR migration projects or developing custom security playbooks