Lead Cybersecurity Engineer
- Develop and optimize automation workflows within Torq Hyperautomation or other SOAR platforms such as XSOAR, Splunk SOAR, LogicHub, and Swimlane
- Build API integrations between security tools such as SIEMs, EDRs, XDRs, case management systems, and cloud platforms
- Extensively work with JSON formatting, parsing, and data transformations to enable seamless data exchange across multiple security platforms
- Streamline incident response automation to improve efficiency, reduce MTTR, and enhance security event correlation
- Design and maintain fault-tolerant automation processes that scale across thousands of clients
- Maintain and optimize CI/CD pipeline infrastructure within a SOAR platform
- Collaborate with SOC analysts, DFIR teams, and threat intelligence groups to refine and enhance automation capabilities
- Lead migration projects to improve automation platforms, ensuring seamless transitions without impacting security operations
- Continuously evaluate and implement emerging automation techniques to enhance SOC and MSSP workflows
- 1+ years of experience in security automation, SOAR engineering, or cybersecurity automation within an MSSP, DFIR, or enterprise security environment
- Extensive experience working with JSON, including JSON schema design, manipulation, parsing, and API-based data transformations
- Strong scripting skills in Python, PowerShell, or Bash for workflow automation
- Proficiency in API development and integration, including RESTful APIs, JSON-based APIs, and webhook automation
- Experience working with SIEMs such as Splunk, Sentinel, QRadar, and Rapid7 IDR, and EDR or XDR tools such as CrowdStrike, SentinelOne, Stellar Cyber, and Cortex XDR
- Knowledge of incident response, threat intelligence, and security event lifecycle management
- Experience in multi-client environments (MSSP, IR firms, or security service providers)
- Hands-on experience with Torq Hyperautomation, XSOAR, Splunk SOAR, or similar platforms
- Certifications such as Torq SOAR Analyst, Torq SOAR Expert, CompTIA Security+, AWS or Azure Security Certifications
- Proficiency in using JQ filters for data manipulation
- Familiarity with CI/CD pipelines such as Azure DevOps
- Experience automating cloud security workflows (AWS, Azure, Google Cloud)
- Familiarity with case management automation and cross-platform data normalization
- Prior experience leading SOAR migration projects or developing custom security playbooks