About the role:
We are seeking a skilled SOC Automation Engineer with experience in SOAR or Hyperautomation platforms within an MSSP Incident Response (IR) or multi-client security environment. This role will focus on developing, managing, and optimizing automation workflows using Torq Hyperautomation or similar SOAR platforms.
The ideal candidate will be highly proficient in JSON manipulation, API integrations, and case management automation, ensuring seamless data exchange between security tools. This position will be based in Sri Lanka and will be instrumental in building scalable automation for our 24/7 SOC and IR operations.
Key Responsibilities:
- Develop and optimize automation workflows within Torq Hyperautomation or other SOAR platforms (e.g., XSOAR, Splunk SOAR, LogicHub, Swimlane).
- Build API integrations between security tools such as SIEMs, EDRs, XDRs, case management systems, and cloud platforms.
- Extensively work with JSON formatting, parsing, and data transformations to enable seamless data exchange across multiple security platforms.
- Streamline incident response automation to improve efficiency, reduce MTTR, and enhance security event correlation.
- Design and maintain fault-tolerant automation processes that scale across thousands of clients.
- Maintain and optimize CI/CD pipeline infrastructure within a SOAR platform.
- Collaborate with SOC analysts, DFIR teams, and threat intelligence groups to refine and enhance automation capabilities.
- Lead migration projects to improve automation platforms, ensuring seamless transitions without impacting security operations.
- Continuously evaluate and implement emerging automation techniques to enhance SOC and MSSP workflows.
Qualifications:
Preferred Skills and Experience:
Must-Have Skills & Experience
- 1+ years of experience in security automation, SOAR engineering, or cybersecurity automation within an MSSP, DFIR, or enterprise security environment.
- Extensive experience working with JSON, including JSON schema design, manipulation, parsing, and API-based data transformations.
- Strong scripting skills in Python, PowerShell, or Bash for workflow automation.
- Proficiency in API development and integration, including RESTful APIs, JSON-based APIs, and webhook automation.
- Experience working with SIEM (Splunk, Sentinel, QRadar, Rapid7 IDR, etc.) and EDR/XDR tools (CrowdStrike, SentinelOne, Stellar Cyber, Cortex XDR, etc.).
- Knowledge of incident response, threat intelligence, and security event lifecycle management.
Nice-to-Have Skills
- Experience in multi-client environments (MSSP, IR firms, or security service providers).
- Hands-on experience with Torq Hyperautomation, XSOAR, Splunk SOAR, or similar platforms.
- Certifications: Torq SOAR Analyst, Torq SOAR Expert, CompTIA Security+, AWS/Azure security certifications.
- Proficiency in using jq filters for data manipulation.
- Familiarity with CI/CD pipelines (Azure DevOps).
- Experience automating cloud security workflows (AWS, Azure, Google Cloud).
- Familiarity with case management automation and cross-platform data normalization.
- Prior experience leading SOAR migration projects or developing custom security playbooks.
Remote Work:
No
Employment Type:
Full-time