🌎
This job posting isn't available in all website languages

Lead Security Automation Engineer

🔍 Colombo, Western Province, Sri Lanka

New
📁
Lead Software Engineer
📅
CREQ230863 Requisition #
📅
8 hours ago Post Date
Key responsibilities and Accountabilities

Develop and optimize automation workflows within Torq Hyperautomation or other SOAR platforms such as XSOAR Splunk SOAR LogicHub Swimlane

Build API integrations between security tools such as SIEMs EDRs XDRs case management systems and cloud platforms

Extensively work with JSON formatting parsing and data transformations to enable seamless data exchange across multiple security platforms

Streamline incident response automation to improve efficiency reduce MTTR and enhance security event correlation

Design and maintain fault tolerant automation processes that scale across thousands of clients

Maintain and optimize CI CD pipeline infrastructure within a SOAR platform

Collaborate with SOC analysts DFIR teams and threat intelligence groups to refine and enhance automation capabilities

Lead migration projects to improve automation platforms ensuring seamless transitions without impacting security operations

Continuously evaluate and implement emerging automation techniques to enhance SOC and MSSP workflows

Skills and Ability

Must Have Skills and Experience

1 plus years of experience in security automation SOAR engineering or cybersecurity automation within an MSSP DFIR or enterprise security environment

Extensive experience working with JSON including JSON schema design manipulation parsing and API based data transformations

Strong scripting skills in Python PowerShell or Bash for workflow automation

Proficiency in API development and integration including RESTful APIs JSON based APIs and webhook automation

Experience working with SIEM such as Splunk Sentinel QRadar Rapid7 IDR and EDR or XDR tools such as CrowdStrike SentinelOne Stellar Cyber Cortex XDR

Knowledge of incident response threat intelligence and security event lifecycle management

Nice to Have Skills

Experience in multi client environments MSSP IR firms or security service providers

Hands on experience with Torq Hyperautomation XSOAR Splunk SOAR or similar platforms

Certifications such as Torq SOAR Analyst Torq SOAR Expert CompTIA Security plus AWS or Azure Security Certifications

Proficiency in using JQ filters for data manipulation

Familiarity with CI CD pipelines such as Azure DevOps

Experience automating cloud security workflows AWS Azure Google Cloud

Familiarity with case management automation and cross platform data normalization

Prior experience leading SOAR migration projects or developing custom security playbooks

Key responsibilities and Accountabilities

Develop and optimize automation workflows within Torq Hyperautomation or other SOAR platforms such as XSOAR Splunk SOAR LogicHub Swimlane

Build API integrations between security tools such as SIEMs EDRs XDRs case management systems and cloud platforms

Extensively work with JSON formatting parsing and data transformations to enable seamless data exchange across multiple security platforms

Streamline incident response automation to improve efficiency reduce MTTR and enhance security event correlation

Design and maintain fault tolerant automation processes that scale across thousands of clients

Maintain and optimize CI CD pipeline infrastructure within a SOAR platform

Collaborate with SOC analysts DFIR teams and threat intelligence groups to refine and enhance automation capabilities

Lead migration projects to improve automation platforms ensuring seamless transitions without impacting security operations

Continuously evaluate and implement emerging automation techniques to enhance SOC and MSSP workflows

Skills and Ability

Must Have Skills and Experience

1 plus years of experience in security automation SOAR engineering or cybersecurity automation within an MSSP DFIR or enterprise security environment

Extensive experience working with JSON including JSON schema design manipulation parsing and API based data transformations

Strong scripting skills in Python PowerShell or Bash for workflow automation

Proficiency in API development and integration including RESTful APIs JSON based APIs and webhook automation

Experience working with SIEM such as Splunk Sentinel QRadar Rapid7 IDR and EDR or XDR tools such as CrowdStrike SentinelOne Stellar Cyber Cortex XDR

Knowledge of incident response threat intelligence and security event lifecycle management

Nice to Have Skills

Experience in multi client environments MSSP IR firms or security service providers

Hands on experience with Torq Hyperautomation XSOAR Splunk SOAR or similar platforms

Certifications such as Torq SOAR Analyst Torq SOAR Expert CompTIA Security plus AWS or Azure Security Certifications

Proficiency in using JQ filters for data manipulation

Familiarity with CI CD pipelines such as Azure DevOps

Experience automating cloud security workflows AWS Azure Google Cloud

Familiarity with case management automation and cross platform data normalization

Prior experience leading SOAR migration projects or developing custom security playbooks

Previous Job Searches

Similar Listings

Cloud DevOps Lead

Colombo, Western Province, Sri Lanka

📁 Lead Software Engineer

Requisition #: CREQ235677

QA Lead

Colombo, Western Province, Sri Lanka

📁 Lead Software Engineer

Requisition #: CREQ235675

Cloud DevOps Lead

Colombo, Western Province, Sri Lanka

📁 Lead Software Engineer

Requisition #: CREQ235686

View More Listings