Join our Security Operations team to develop automation features within our SOAR (Security Orchestration, Automation and Response) platform. The intern will work on integrating Microsoft security tools to streamline detection, investigation, and response workflows. The mission includes building Python and REST API-based scripts to ingest and correlate security data, automate incident analysis, and apply AI-driven logic to accelerate case handling. You’ll gain hands-on experience with Microsoft Graph API, security automation frameworks, and cloud-based SOC operations.
Objectives
• Design and implement automation workflows for incident detection and analysis.
• Integrate data from Microsoft security tools into SOAR pipelines.
• Develop Python scripts and REST API connectors for security event processing.
• Enhance automation playbooks with AI-based decision logic.
• Leverage Microsoft Graph API for contextual enrichment and correlation.
• Document workflows and collaborate with SOC analysts to evaluate improvements.
Our offer
› A dynamic work and collaborative environment with a highly motivated multi-cultural and international sites team
› The chance to make a difference in peoples’ life by building innovative solutions
› Various internal coding events (Hackathon, Brownbags), see our technical blog
› Monthly After-Works organized per locations
Skills required
• Python scripting
• GIT usage
• REST APIs (requests, authentication, JSON parsing).
• Basic knowledge of cybersecurity concepts (incidents, alerts, logs, SOC/SIEM ideas).
• Good analytical mindset, autonomy, and clear written communication in English
Can be good to have :
• Familiarity with Microsoft security tools (Defender, Sentinel, Purview, Entra, etc.)
We are ELCA, one of the largest Swiss IT tribe with over 2,300 experts. We are multicultural with offices in Switzerland, Spain, France, Vietnam and Mauritius. Since 1968, our team of engineers, business analysts, software architects, designers and consultants provide tailor-made and standardized solutions to support the digital transformation of major public administrations and private companies in Switzerland. Our activity spans across multiples fields of leading-edge technologies such as AI, Machine & Deep learning, BI/BD, RPA, Blockchain, IoT and CyberSecurity.
With more than 2,300 experts, the ELCA Group is a leading independent Swiss IT service and solution provider, specialized in IT consulting, Cybersecurity, Cloud, Data & AI, Digital experience, Software development, Business applications and systems' integration across all industries. ELCA helps its clients to better compete in the digital era and gain in agility. The privately held company has offices in Pully (HQ), Zurich, Geneva, Bern, Basel, Rapperswil and Fehraltorf, as well as offshore centers in Italy, Spain, Mauritius and Vietnam.
