
Security Automation Engineer
Posted Jun 3

Posted Jun 3
This is a fully remote position, open to applicants in India.
• ProArch IT Solutions is in search of a driven and technically proficient Security / SOAR Automation Engineer to become part of our worldwide cybersecurity operations team.
• The preferred candidate will have substantial hands-on experience in cybersecurity automation, SOAR platform engineering, SOC workflow orchestration, and security integrations within contemporary security ecosystems.
• This position is primarily centered on the design, implementation, optimization, and scaling of SOC automation capabilities to enhance operational efficiency, incident response, alert enrichment, triage automation, threat intelligence utilization, and AI-driven improvements in security operations.
• The Engineer will collaborate closely with SOC Operations, Security Engineering, Security Consulting, and Leadership teams to execute automation initiatives and operational enhancements while supporting a globally distributed security framework.
• SOAR Engineering & Automation: Create, develop, implement, and sustain SOAR playbooks and automation workflows for SOC operations.
• Establish scalable security orchestration workflows for alert triage, automated enrichment, threat intelligence correlation, incident response, containment workflows, identity-based investigations, case management, and reporting automation.
• Execute and uphold integrations between SOAR platforms and diverse security technologies utilizing APIs, webhooks, SDKs, and custom connectors.
• Formulate automation logic to enhance SOC efficiency, alleviate analyst fatigue, and expedite Mean Time to Respond (MTTR) and Mean Time to Resolve.
• Support SOAR platform lifecycle management, which includes upgrades, change management, testing, governance, RBAC, and ongoing operational maintenance.
• Aid with SOAR platform administration, identity & access management, and environment hardening.
• Security Platform Integrations: Practical experience in integrating and automating workflows that involve various security technologies such as Microsoft Defender, CrowdStrike Falcon, SIEM platforms, etc.
• Collaborate with SOC Managers, SOC Team Leads, Analysts, and Security Consultants to pinpoint automation opportunities.
• A Bachelor's Degree in Computer Science, Information Technology, Cybersecurity, Engineering, or a related technical discipline is essential.
• Relevant cybersecurity certifications and automation-centric certifications will be seen as a beneficial addition.
• 3–5 years of comprehensive experience in cybersecurity.
• Demonstrated hands-on proficiency with SOAR platforms in enterprise or MSSP settings.
• Strong background in designing and executing automation workflows from the ground up.
• Experience in supporting Security Operations Center (SOC) environments.
• Prior experience as a SOC Analyst is highly desirable.
• Background in working within Managed Security Services Provider (MSSP) environments is preferred.
• Experience collaborating with or supporting US-based teams/vendors is preferred.
• Significant hands-on experience with SOAR technologies.
• Familiarity with Torq SOAR is preferred.
• A solid understanding of incident response workflows, SOC operations, detection engineering, security orchestration, threat intelligence, API integrations, authentication mechanisms, identity-based security workflows, and experience integrating security tools using REST APIs, JSON, Webhooks, Python, PowerShell, and scripting/automation frameworks.
• Knowledge of SIEM platforms and alert correlation logic.
• Experience with ticketing systems, preferably Datto Autotask.
• Understanding of endpoints, cloud, identity, and email security ecosystems.
• Competitive salary and benefits package.
• Opportunities for professional development and growth.
• Collaborative and innovative work environment.
• Flexible work arrangements.
ClickHouse
OnePlan
NVIDIA
XpertGroup
Get handpicked remote jobs straight to your inbox weekly.