Cyber Workflow Developer

About The Position

Requirements

• Demonstrable experience designing and developing playbooks in a SOAR or workflow automation platform (Chronicle SOAR, Tines, Torq, FortiSOAR, etc.).
• Strong scripting skills (Python etc.), with the ability to create modular, scalable automation logic.
• Good understanding of alert and incident triage workflows within a SOC or similar environment.
• Familiarity with common cyber security tools and concepts, including SIEMs, EDRs, firewalls, ticketing systems, and threat intelligence.
• Experience integrating workflow automation tools with APIs, webhooks, and other data sources.
• Excellent communication and stakeholder engagement skills, with an ability to explain complex workflows in a clear and logical manner.
• Strong attention to detail and commitment to operational reliability.

Nice To Haves

• Direct experience using vendor attached workflow automation (Such as Crowdstrike Fusion etc)
• Proficiency in PowerShell or JavaScript for use in multi-language environments.
• Knowledge of MITRE ATT&CK, incident response frameworks, and security operations maturity models.
• Familiarity with reporting and dashboarding using platforms such as Kibana, Power BI, or similar.
• Understanding of compliance and audit requirements related to automated response and workflow documentation.
• Relevant industry certifications (e.g., SOAR vendor certs, GCIH, GCFA, or equivalent

Responsibilities

• Designing, building, and maintaining workflow and SOAR playbooks and automation, with a focus on high-impact, scalable outcomes.
• Collaborating with operations teams to understand and map current-state operational workflows and design efficient, future-state automated processes.
• Developing integrations with third-party tools, threat intel platforms, SIEMs, and APIs to support seamless orchestration.
• Supporting the continuous improvement of playbook performance through iterative development, testing and refinement.
• Conducting thorough testing and simulation (unit and regression) to ensure reliable, auditable playbook execution.
• Reviewing technical configurations across automation platforms and dependent systems to ensure consistency with workflow design.
• Creating and maintaining detailed documentation, including architecture diagrams, workflow maps, and operational playbook descriptions.
• Designing reporting and metric dashboards to demonstrate ROI and adoption of automation workflows.
• Identifying opportunities for new automation use cases and contributing to the long-term roadmap for client automation evolution.

Benefits

• ☀️ Time Off: 25 days annual leave + public holidays
• 🎂 Birthday Leave: One extra day off to celebrate
• 💰 Company Pension Scheme
• 📞 Employee Assistance Programme (EAP) for wellbeing support
• 🏃‍♀️ EkcOlympics: Global team activity challenges
• 📚 Unlimited access to Pluralsight for continuous development
• 🌱 Real opportunities to grow, including international progression