This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Security Automation Engineer based in India.
This role offers an exciting opportunity to shape the future of cybersecurity operations by designing and implementing advanced security automation solutions in a global remote environment. You will play a key role in improving SOC efficiency through SOAR engineering, intelligent workflow orchestration, and seamless integration across modern security platforms. Working alongside experienced cybersecurity professionals, you will contribute to scalable, AI-enabled security operations that enhance incident response and operational resilience. The position combines hands-on engineering, cross-functional collaboration, and continuous innovation, making it ideal for professionals passionate about automation, security operations, and emerging cybersecurity technologies.
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Security Automation Engineer based in India.
This role offers an exciting opportunity to shape the future of cybersecurity operations by designing and implementing advanced security automation solutions in a global remote environment. You will play a key role in improving SOC efficiency through SOAR engineering, intelligent workflow orchestration, and seamless integration across modern security platforms. Working alongside experienced cybersecurity professionals, you will contribute to scalable, AI-enabled security operations that enhance incident response and operational resilience. The position combines hands-on engineering, cross-functional collaboration, and continuous innovation, making it ideal for professionals passionate about automation, security operations, and emerging cybersecurity technologies.
Accountabilities
- Design, develop, implement, and maintain SOAR playbooks and security automation workflows that streamline SOC operations, including alert triage, enrichment, incident response, containment, case management, reporting, and identity-based investigations.
- Build and maintain integrations between SOAR platforms and security technologies using APIs, webhooks, SDKs, scripting, and custom connectors to automate security processes across the technology ecosystem.
- Optimize security operations by reducing manual effort, improving response times, enhancing detection workflows, and supporting operational scalability through automation and AI-driven initiatives.
- Administer SOAR platforms by managing upgrades, governance, testing, role-based access controls, change management, environment hardening, and overall platform health.
- Collaborate closely with SOC analysts, security engineers, consultants, leadership teams, and external vendors to identify automation opportunities and deliver operational improvements.
- Support AI-powered cybersecurity initiatives by researching emerging technologies, implementing intelligent orchestration workflows, and contributing to autonomous investigation capabilities.
- Produce technical documentation, workflow diagrams, operational procedures, and runbooks while participating in project planning, deployment, testing, and continuous improvement initiatives.
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, Engineering, or a related technical discipline.
- 3–5 years of cybersecurity experience, including proven hands-on expertise with SOAR platforms in enterprise or Managed Security Services Provider (MSSP) environments.
- Strong experience designing and implementing security automation workflows from scratch while supporting Security Operations Center (SOC) environments.
- Solid understanding of incident response, detection engineering, threat intelligence, security orchestration, identity-based investigations, authentication mechanisms, and SIEM technologies, particularly Microsoft Sentinel and Microsoft Defender XDR.
- Experience integrating security platforms using REST APIs, JSON, webhooks, Python, PowerShell, and automation frameworks, along with familiarity with ticketing systems such as Datto Autotask.
- Knowledge of Microsoft Defender solutions, CrowdStrike Falcon, Microsoft Graph API, cloud security, endpoint protection, identity security, email security, and related cybersecurity technologies.
- Exposure to AI-driven security operations, cloud security platforms, DevSecOps concepts, governance, and automation best practices is highly desirable.
- Relevant certifications such as Security+, CySA+, GCIH, SC-200, AZ-500, SOAR platform certifications, or Microsoft and Splunk certifications are considered an advantage.
- Excellent analytical, troubleshooting, documentation, communication, and stakeholder management skills, with the ability to work independently in a fast-paced, remote-first environment aligned with USA Eastern Time business hours.
- Permanent remote opportunity for professionals based in India.
- Flexible work model aligned with operational and project requirements.
- Opportunity to work on cutting-edge cybersecurity automation and AI-driven security initiatives.
- Career development supported by structured professional growth pathways and continuous learning opportunities.
- Collaborative environment with experienced cybersecurity, engineering, cloud, AI, and infrastructure professionals.
- Inclusive culture that values innovation, knowledge sharing, teamwork, and individual contributions.
- Work-life balance supported through flexible scheduling and a remote-first approach.
- Recognition programs celebrating exceptional performance and contributions.
- Opportunities to participate in community engagement and volunteer initiatives.
Requirements
Benefits