Senior Security Automation Engineer (SOAR) - Mid-Atlantic region (Remote)
Remote · United States
Job Summary
Senior Security Automation Engineer (SOAR) responsible for designing and building security automation/orchestration workflows and automating security operations. Leverages SOAR platforms (such as Tines, Torq, Cortex XSOAR) to integrate security and IT systems via REST APIs, webhooks, and JSON, using Python scripting for custom logic and data transformations. Focuses on automating incident response processes, alert triage, and interactions with SIEM, EDR/XDR, and ticketing tools (ServiceNow, Jira), with experience in threat intelligence and email security. Remote-enabled role with occasional travel; opportunities to work in a consulting/enterprise security environment.
Required Qualifications
- 5+ years in security operations with a working understanding of how a SOC functions end to end (alert triage, escalation, incident response, case management)
- 3+ years specifically designing and building security automation/orchestration workflows
- Hands-on experience on at least one SOAR/automation platform; Tines, Torq, or Cortex XSOAR preferred
- Proficiency integrating security and IT systems via REST APIs, webhooks, and JSON
- Scripting ability, primarily Python, for custom logic, data transforms, and handling within automated workflows
- Working knowledge of the tooling categories automations connect to: SIEM, EDR/XDR, ticketing (ServiceNow, Jira), threat intelligence, and email security
- Ability to decompose a manual security process into a reliable automated workflow, including error handling, conditional logic, and secure runs