Technical Lead-Cybersecurity

Birlasoft Limited
Alpharetta, GA
Remote

About The Position

The Automation / Orchestration / Security Engineer designs, builds, and maintains automation and orchestration solutions that improve security outcomes, reduce manual effort, and increase reliability across security operations and engineering. This role partners with Security Operations, Incident Response, IT, and Platform/Cloud teams to integrate tools, standardize workflows, and implement measurable, auditable security automation. This position is hands-on and requires strong engineering fundamentals, security domain knowledge, and an automation-first mindset. The engineer will build integrations, develop playbooks/runbooks, and help mature detection-to-response processes with a focus on scalability, safety, and governance.

Requirements

  • Candidates must demonstrate strong automation engineering skills, comfort working with APIs and distributed systems, and practical security knowledge relevant to modern enterprise environments.
  • 3+ years of experience in automation engineering, security engineering, security operations engineering, or a related role.
  • Proficiency in at least one scripting/programming language (Python preferred; PowerShell or JavaScript).
  • Experience with automation and orchestration tools such as Ansible, Itential, Aria Orchestrator, or similar products.
  • Hands-on experience designing and implementing automation using APIs (REST/JSON), webhooks, and authentication methods (OAuth2, tokens, mutual TLS).
  • Working knowledge of SIEM concepts (log ingestion, correlation, queries) and SOC processes (triage, escalation, incident handling).
  • Strong understanding of core security domains: IAM, endpoint security, network security, vulnerability management, and cloud security fundamentals.
  • Experience with Git-based workflows and software engineering practices (code review, branching strategies, testing).
  • Ability to document solutions clearly (runbooks, diagrams, operating procedures) and communicate effectively with technical and non-technical stakeholders.

Nice To Haves

  • Experience with vulnerability management automation (ticketing workflows, remediation tracking, exception handling, SLA reporting).
  • Cloud platform experience (AWS, Azure, and/or GCP), including security services and identity models.
  • Container and Kubernetes security familiarity.
  • Experience integrating with EDR/XDR tools and automating response actions (isolation, kill process, quarantine).
  • Familiarity with ITSM and workflow tools (ServiceNow, Jira) and structured change management.

Responsibilities

  • Own the design and delivery of security automation and orchestration capabilities that improve response time, consistency, and quality across security workflows.
  • Develop and maintain SOAR playbooks for alert triage, enrichment, containment, and remediation.
  • Build and manage automation integrations with security tooling (SIEM, EDR/XDR, IAM, ticketing, vulnerability management, cloud security) using APIs, webhooks, and event-driven architectures.
  • Create reusable automation components (scripts, libraries, templates) with appropriate error handling, retries, logging, and observability.
  • Collaborate with SOC analysts and Incident Response to translate procedures into automated runbooks; ensure safe execution with approval gates where needed.
  • Design automation with governance: role-based access controls, change management, auditability, and documentation.
  • Partner with engineering and infrastructure teams to automate security controls and guardrails (policy-as-code, compliance checks, hardening, configuration drift remediation).
  • Support incident response by developing rapid automation for containment and evidence collection (while maintaining chain-of-custody and logging requirements).