Key responsibilities and AccountabilitiesDevelop and optimize automation workflows within Torq Hyperautomation or other SOAR platforms such as XSOAR Splunk SOAR LogicHub SwimlaneBuild API integrations between security tools such as SIEMs EDRs XDRs case management systems and cloud platformsExtensively work with JSON formatting parsing and data transformations to enable seamless data exchange across multiple security platformsStreamline incident response automation to improve efficiency reduce MTTR and enhance security event correlationDesign and maintain fault tolerant automation processes that scale across thousands of clientsMaintain and optimize CI CD pipeline infrastructure within a SOAR platformCollaborate with SOC analysts DFIR teams and threat intelligence groups to refine and enhance automation capabilitiesLead migration projects to improve automation platforms ensuring seamless transitions without impacting security operationsContinuously evaluate and implement emerging automation techniques to enhance SOC and MSSP workflowsSkills and AbilityMust Have Skills and Experience1 plus years of experience in security automation SOAR engineering or cybersecurity automation within an MSSP DFIR or enterprise security environmentExtensive experience working with JSON including JSON schema design manipulation parsing and API based data transformationsStrong scripting skills in Python PowerShell or Bash for workflow automationProficiency in API development and integration including RESTful APIs JSON based APIs and webhook automationExperience working with SIEM such as Splunk Sentinel QRadar Rapid7 IDR and EDR or XDR tools such as CrowdStrike SentinelOne Stellar Cyber Cortex XDRKnowledge of incident response threat intelligence and security event lifecycle managementNice to Have SkillsExperience in multi client environments MSSP IR firms or security service providersHands on experience with Torq Hyperautomation XSOAR Splunk SOAR or similar platformsCertifications such as Torq SOAR Analyst Torq SOAR Expert CompTIA Security plus AWS or Azure Security CertificationsProficiency in using JQ filters for data manipulationFamiliarity with CI CD pipelines such as Azure DevOpsExperience automating cloud security workflows AWS Azure Google CloudFamiliarity with case management automation and cross platform data normalizationPrior experience leading SOAR migration projects or developing custom security playbooks
1 plus years of experience in security automation SOAR engineering or cybersecurity automation within an MSSP DFIR or enterprise security environment
Extensive experience working with JSON including JSON schema design manipulation parsing and API based data transformations
Strong scripting skills in Python PowerShell or Bash for workflow automation
Proficiency in API development and integration including RESTful APIs JSON based APIs and webhook automation
Experience working with SIEM such as Splunk Sentinel QRadar Rapid7 IDR and EDR or XDR tools such as CrowdStrike, SentinelOne Stellar Cyber Cortex XDR
Knowledge of incident response threat intelligence and security event lifecycle management
Experience in multi client environments MSSP IR firms or security service providers
Hands on experience with Torq Hyperautomation XSOAR Splunk SOAR or similar platforms
Certifications such as Torq SOAR Analyst Torq SOAR Expert CompTIA Security plus AWS or Azure Security Certifications
Proficiency in using JQ filters for data manipulation
Familiarity with CI CD pipelines such as Azure DevOps
Experience automating cloud security workflows AWS Azure Google Cloud
Familiarity with case management automation and cross platform data normalization
Prior experience leading SOAR migration projects or developing custom security playbooks
