This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Security Automation Engineer based in India.
In this role, you will be responsible for designing and implementing advanced security automation and orchestration solutions within a fast-paced Managed Security Services Provider (MSSP) environment. You will play a key role in building and optimizing SOAR workflows that enhance SOC efficiency, reduce manual effort, and accelerate incident detection and response. The position involves deep collaboration with SOC analysts, engineers, and leadership teams to improve security operations at scale. You will work across modern cybersecurity ecosystems, integrating tools such as SIEM, EDR, identity, cloud, and threat intelligence platforms. This is a highly technical, hands-on engineering role focused on automation, API-driven integrations, and AI-enabled security operations. Operating in a remote-first setup aligned with global teams, you will contribute to transforming security operations into more intelligent, scalable, and automated environments. Your work will directly improve threat response speed, operational resilience, and overall SOC maturity.
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Security Automation Engineer based in India.
In this role, you will be responsible for designing and implementing advanced security automation and orchestration solutions within a fast-paced Managed Security Services Provider (MSSP) environment. You will play a key role in building and optimizing SOAR workflows that enhance SOC efficiency, reduce manual effort, and accelerate incident detection and response. The position involves deep collaboration with SOC analysts, engineers, and leadership teams to improve security operations at scale. You will work across modern cybersecurity ecosystems, integrating tools such as SIEM, EDR, identity, cloud, and threat intelligence platforms. This is a highly technical, hands-on engineering role focused on automation, API-driven integrations, and AI-enabled security operations. Operating in a remote-first setup aligned with global teams, you will contribute to transforming security operations into more intelligent, scalable, and automated environments. Your work will directly improve threat response speed, operational resilience, and overall SOC maturity.
Accountabilities:
- Design, develop, and maintain SOAR playbooks and automation workflows to support SOC operations including alert triage, enrichment, incident response, and case management.
- Build and manage integrations between security tools using APIs, webhooks, SDKs, and custom connectors to enable end-to-end orchestration.
- Improve SOC efficiency by developing automation logic that reduces manual workload and enhances Mean Time to Respond (MTTR) and Mean Time to Resolve.
- Support lifecycle management of SOAR platforms including upgrades, testing, governance, RBAC, and operational maintenance.
- Collaborate with SOC teams to identify automation opportunities and implement improvements across detection, investigation, and escalation workflows.
- Integrate and optimize security technologies including SIEM, EDR, identity, cloud, email security, and threat intelligence platforms.
- Contribute to SOC transformation initiatives, documentation, and operational runbooks to ensure scalable and standardized automation practices.
- Participate in incident response automation planning and AI-driven security operations enhancements.
- 3–5 years of experience in cybersecurity, SOC operations, or security engineering with strong exposure to automation and SOAR platforms.
- Hands-on experience designing and implementing security automation workflows in enterprise or MSSP environments.
- Strong understanding of SOC operations, incident response, threat intelligence, and detection engineering principles.
- Proficiency in integrating security tools using REST APIs, JSON, webhooks, Python, and PowerShell scripting.
- Experience working with SIEM platforms (e.g., Microsoft Sentinel or similar) and ticketing systems such as Datto Autotask.
- Familiarity with security ecosystems including endpoint, cloud, identity, and email security platforms.
- Strong analytical, troubleshooting, and problem-solving skills with a proactive, ownership-driven mindset.
- Excellent communication and documentation skills with the ability to collaborate across global, cross-functional teams.
- Bachelor’s degree in Computer Science, IT, Cybersecurity, or a related field; relevant certifications (e.g., SC-200, AZ-500, Security+) are a plus.
- Competitive compensation package aligned with industry benchmarks.
- Remote-first work model with flexibility to work from India while supporting global operations.
- Opportunity to work on advanced SOC automation and AI-driven cybersecurity initiatives.
- Exposure to enterprise-grade security tools and global MSSP environments.
- Continuous learning and professional development in cybersecurity and automation domains.
- Collaborative, innovation-driven culture focused on impact and technical growth.
- Flexible work arrangements supporting work-life balance and personal well-being.