Cybersecurity Automation Developer

FirstEnergy
Akron, OH
Hybrid

About The Position

The Cybersecurity Automation Developer is responsible for designing, developing, and maintaining automated solutions that scale and mature the organization's security operations, enhancing threat detection and accelerating incident response. A primary focus is reducing manual workloads through automation, standardized playbooks, and repeatable engineering practices. This role designs and implements automation frameworks for functions including alert triage, incident response, and threat hunting.

The developer will build and maintain playbooks and workflows within the SOAR platform, integrating tools such as the SIEM and EDR into cohesive automated pipelines; lead initiatives to streamline security monitoring and remediation; create scalable scripting and orchestration solutions using Python, PowerShell, and JavaScript; and leverage APIs and data pipelines to normalize and correlate telemetry from multiple security sources. The developer will also analyze complex security datasets to identify gaps and opportunities, tune automated processes to reduce false positives, and support advanced detection through analytics and emerging technologies. Additionally, this position provides technical leadership by defining the automation strategy, mentoring junior developers, supporting vendor relationships, and contributing to architecture and lifecycle decisions. Strong communication skills, sound engineering judgment, and the ability to translate technical requirements into practical, scalable solutions are essential for success.

Requirements

  • Bachelor's degree in Computer Science, Information Security, or a similar discipline is required, with 3 years of experience
  • Industry standard certifications will be considered such as OSCP, GIAC (GCTI, GCIH, GREM, GCFA, GPYC, GASAE, GCSA), CISSP and HTB CPTS
  • A bachelor's degree in another field with 4 years relevant industry experience in cyber/information security will be considered
  • In lieu of a degree, 5 years of related experience is required
  • Related experience includes but is not limited to: SOC (Security Operations Center) experience; IT security experience in detection, triage, investigation, and remediation of security incidents within a network; and cyber automation engineering
  • Understanding of adversarial techniques (e.g., the MITRE ATT&CK framework)
  • Strong understanding of programming/scripting languages (Python, PowerShell, Bash, C#, JavaScript)
  • Hands-on administration and engineering experience with SOAR (e.g., Cortex XSOAR, Splunk SOAR, Sentinel) platforms including advanced playbook design, integration management, and production support
  • Experience troubleshooting and remediating automation failures, playbook errors, and platform performance issues in production environments
  • Experience integrating security technologies (SIEM, EDR, IAM, firewalls, cloud tools) through REST APIs and automated data pipelines
  • Ability to create, detect, and enhance security content
  • Ability to develop and maintain automation playbooks and workflows
  • Ability to handle, protect and preserve highly confidential information
  • Understanding of networking concepts and technologies
  • Basic understanding of statistics
  • Must be organized and comfortable with ongoing changes in priorities
  • Must be able to work independently with minimal supervision and within a team environment
  • Strong foundation in cyber security
  • Understanding of both Linux and Windows operating systems
  • Demonstrate strong communication skills, both verbal and written
  • Demonstrate creative problem solving and solutioning

Responsibilities

  • Design, develop, and maintain automated security workflows that streamline SOC and Threat Hunting operations, reduce manual effort, and accelerate incident detection, response, and remediation
  • Lead expert-level development, tuning, and lifecycle management of SOAR playbooks to automate alert triage, enrichment, containment, and response processes
  • Identify, troubleshoot, and remediate playbook failures, integration issues, and automation errors, performing break-fix and tuning activities prior to production deployment
  • Architect and maintain integrations between SOAR, SIEM, EDR, and third-party security tools using APIs and custom scripting to ensure reliable data ingestion and orchestration
  • Develop custom automation scripts and integrations in Python and JavaScript to extend platform capabilities and address unique SOC and enterprise security requirements
  • Create and maintain dashboards, reports, and metrics to provide visibility into automation performance and effectiveness
  • Install, validate, and deploy content packs and updates, following change management best practices to promote stable releases from development through production
  • Serve as the primary subject matter expert (SME) for the SOAR and security automation platforms, providing technical guidance, troubleshooting, and consulting support to the SOC and Threat Hunting teams
  • Design and maintain scalable automation frameworks and data pipelines to normalize, correlate, and enrich security telemetry across enterprise and cloud environments
  • Monitor and manage platform health, internal databases, and system performance to ensure reliability, data integrity, and continuous availability of automation services
  • Lead vendor engagement and support activities, including ticket management, platform optimization discussions, and roadmap alignment with Customer Success Engineers
  • Continuously evaluate and improve automation processes to reduce false positives, eliminate repetitive tasks, and increase efficiency and response quality
  • Document standards, playbook designs, troubleshooting procedures, and best practices to promote knowledge sharing and operational consistency across the team
  • Educate and mentor threat hunters and analysts on automation tools, workflows, and best practices to elevate overall SOC effectiveness
  • Support metrics collection, reporting, and operational communications to leadership and stakeholders

Benefits

  • Competitive pay plus incentive compensation
  • A company-sponsored pension plan
  • 401(k) savings plan with matching employer contribution
  • A choice of medical, prescription drug, dental, vision, and life insurance programs
  • Skills development training with tuition reimbursement
© 2024 Teal Labs, Inc