Job Description

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).
• Experience in cybersecurity engineering, SOC operations, automation, or related environments.
• Demonstrated experience supporting enterprise-level cybersecurity operations or engineering programs.
• Experience working in complex IT environments with security tools and platforms
• Experience with SOAR platforms (e.g., Splunk SOAR, Palo Alto Cortex XSOAR).
• Strong scripting skills (Python, PowerShell, or similar).
• Knowledge of SIEM tools and security operations workflows.
• Experience integrating APIs and security tools.
• Familiarity with incident response and threat detection processes.
• Understanding of cybersecurity frameworks and best practices.
• Strong analytical and problem-solving skills.
• Ability to communicate effectively with technical teams and stakeholders
• Required Certifications
  • Role-appropriate cybersecurity or engineering certifications demonstrating competency in automation, security operations, or systems integration.
  • Examples include: Security+, CySA+, CISSP, GIAC certifications, or relevant SOAR/platform-specific certifications
     

• Design, develop, and maintain SOAR playbooks and automated workflows.
• Configure and implement SOAR and other security automation platforms.
• Integrate SIEM, EDR, vulnerability management, and ticketing systems with SOAR tools.
• Automate incident response, alert triage, and remediation activities.
• Support SOC operations through automation and process optimization.
• Develop scripts (e.g., Python, PowerShell) to support automation initiatives.
• Maintain and update SOPs, playbooks, and knowledge base documentation.
• Support continuous monitoring, threat detection, and response improvements.
• Collaborate with SOC analysts, engineers, and stakeholders to enhance operational effectiveness.