A Security Automation Engineer is required to design and implement automation workflows to enhance incident response, threat hunting, fraud, and insider risk management, as well as vulnerability management processes. The role involves developing custom API integrations to improve SOAR (Security Orchestration, Automation, and Response) capabilities and scripting automation solutions to detect and prevent cyber threats. You will collaborate with security teams to tune solutions, administer SOAR platforms, and identify automation opportunities in cybersecurity processes.
- 5+ years of experience in Cyber Security, Incident Response, Information Security, or related fields
- Strong coding/scripting experience, especially in Python or similar languages
- Hands-on experience with SIEM platforms, firewalls, IPS/IDS, and endpoint security solutions
- Familiarity with threat intelligence platforms (TIP) and integrating IOCs into workflows
- Experience with Windows, Linux, and Apple environments
- Advanced experience in scripting and automation, with Python, Bash, or PowerShell
- Expertise in SOAR platform administration, with a focus on content release management
- Strong troubleshooting skills using tools such as Wireshark and forensic tools, and through log analysis
- Familiarity with API integrations for firewalls, SIEM, and TIP platforms
- Advanced knowledge of incident response methodologies, threat hunting, and vulnerability management
- Experience with security monitoring tools and techniques, including threat detection and prevention mechanisms
- Knowledge of common security threats and vulnerabilities, as well as hands-on experience in mitigating them
- Excellent analytical and problem-solving skills
- Strong communication skills, both written and verbal, with the ability to collaborate with cross-functional teams
- Ability to mentor peers and security analysts in automation and incident response processes
- Bachelor's degree in Computer Science, Information Systems, or a related field
- GIAC Security Automation Engineer (GCSA)
- Certified Information Systems Security Professional (CISSP)
- CompTIA Cybersecurity Analyst (CySA+)
$50K <= $70K <= $85K
$30K <= $45K <= $60K
$80K <= $120K <= $160K
$35K <= $55K <= $70K
€55K <= €70K <= €90K
AU$75K <= AU$100K <= AU$135K
- What is your approach to automating threat detection workflows?
- How do you ensure that security automation tools are effectively integrated into a SOAR platform?
- Describe a situation where you identified and implemented an automation opportunity that improved security processes.
- What programming languages do you use to write automation scripts, and how have they helped in security operations?