This position is listed on behalf of a partner company, which manages all applications and next steps. Our partner is looking for a Security Automation Engineer based in India.
This role offers an exciting opportunity to shape the future of cybersecurity operations by designing and implementing advanced security automation solutions in a global remote environment. You will play a key role in improving SOC efficiency through SOAR engineering, intelligent workflow orchestration, and seamless integration across modern security platforms. Working alongside experienced cybersecurity professionals, you will contribute to scalable, AI-enabled security operations that enhance incident response and operational resilience. The position combines hands-on engineering, cross-functional collaboration, and continuous innovation, making it ideal for professionals passionate about automation, security operations, and emerging cybersecurity technologies.
Accountabilities
- Design, develop, implement, and maintain SOAR playbooks and security automation workflows that streamline SOC operations, including alert triage, enrichment, incident response, containment, case management, reporting, and identity-based investigations.
- Build and maintain integrations between SOAR platforms and security technologies using APIs, webhooks, SDKs, scripting, and custom connectors to automate security processes across the technology ecosystem.
- Optimize security operations by reducing manual effort, improving response times, enhancing detection workflows, and supporting operational scalability through automation and AI-driven initiatives.
- Administer SOAR platforms by managing upgrades, governance, testing, role-based access controls, change management, environment hardening, and overall platform health.
- Collaborate closely with SOC analysts, security engineers, consultants, leadership teams, and external vendors to identify automation opportunities and deliver operational improvements.
- Support AI-powered cybersecurity initiatives by researching emerging technologies, implementing intelligent orchestration workflows, and contributing to autonomous investigation capabilities.
- Produce technical documentation, workflow diagrams, operational procedures, and runbooks while participating in project planning, deployment, testing, and continuous improvement initiatives.
Requirements
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, Engineering, or a related technical discipline.
- 3–5 years of cybersecurity experience, including proven hands-on expertise with SOAR platforms in enterprise or Managed Security Services Provider (MSSP) environments.
- Strong experience designing and implementing security automation workflows from scratch while supporting Security Operations Center (SOC) environments.
- Solid understanding of incident response, detection engineering, threat intelligence, security orchestration, identity-based investigations, authentication mechanisms, and SIEM technologies, particularly Microsoft Sentinel and Microsoft Defender XDR.
- Experience integrating security platforms using REST APIs, JSON, webhooks, Python, PowerShell, and automation frameworks, along with familiarity with ticketing systems such as Datto Autotask.
- Knowledge of Microsoft Defender solutions, CrowdStrike Falcon, Microsoft Graph API, cloud security, endpoint protection, identity security, email security, and related cybersecurity technologies.
- Exposure to AI-driven security operations, cloud security platforms, DevSecOps concepts, governance, and automation best practices is highly desirable.
- Relevant certifications such as Security+, CySA+, GCIH, SC-200, AZ-500, SOAR platform certifications, or Microsoft and Splunk certifications are considered an advantage.
- Excellent analytical, troubleshooting, documentation, communication, and stakeholder management skills, with the ability to work independently in a fast-paced, remote-first environment aligned with USA Eastern Time business hours.
Benefits
- Permanent remote opportunity for professionals based in India.
- Flexible work model aligned with operational and project requirements.
- Opportunity to work on cutting-edge cybersecurity automation and AI-driven security initiatives.
- Career development supported by structured professional growth pathways and continuous learning opportunities.
- Collaborative environment with experienced cybersecurity, engineering, cloud, AI, and infrastructure professionals.
- Inclusive culture that values innovation, knowledge sharing, teamwork, and individual contributions.
- Work-life balance supported through flexible scheduling and a remote-first approach.
- Recognition programs celebrating exceptional performance and contributions.
- Opportunities to participate in community engagement and volunteer initiatives.