Security Automation Engineer


Security Automation Engineer

in the Automated Security Operation team

Are you willing to come and shape the future of security operations? In our European MSS, the Automated Security Operation team helps clients all over Europe implement full-scale SecOps, leveraging cutting-edge SOAR technologies.

About the role

  • Full-time position
  • Open for career levels 9-10

As a Security Automation Engineer you will:

  • Implement, maintain and operate SOAR platforms
  • Work in partnership with the Managed Security Services teams to identify opportunities for improvement
  • Develop and implement automations for detection and response
  • Design security dashboards
  • Be the subject matter expert on security automation
  • Work closely with the SOC Managers and Solution Architects to bring the product vision to life
  • Produce System Analytics to prove automation behavior assumptions
  • Document all system changes in line with Change Management good practices
  • Recommend, Develop and Release new Use Cases and Integrations to maximize the benefits and efficiencies from a SOAR platform
  • Drive client demos alongside the security teams

What it takes

You will succeed as a Security Automation Engineer if you have:

  • Minimum 3 years of hands-on system engineering experience on security platforms
  • Experience working in system development
  • A passion for security automation and a solid understanding of security incident response
  • Knowledge of security frameworks including MITRE ATT&CK, NIST, etc.
  • Solid development experience with Python and/or JavaScript
  • A BSc in Engineering, Computer Science or relevant field

How to stand out

You will thrive as a Security Automation Engineer if you:

  • Have experience working in DevOps
  • Have previous experience as a SIEM/SOAR Engineer
  • Are experienced with Splunk, Splunk Enterprise Security or other SIEM platforms
  • Have experience with Splunk SOAR and/or Palo Alto Networks Cortex XSOAR (this is considered a plus)
  • Have working experience and knowledge of operating systems (e.g.: Windows, UNIX/Linux) and databases
  • Have knowledge in various scripting and programming languages (this is considered a plus)
  • Are comfortable working independently as well as part of a fast-moving team
  • Are able to meet deadlines, time constraints and periodic requirements
  • Have experience in working with data lakes
  • Have an understanding of the entire technology stack of networks, databases, applications and endpoints
  • Are able to learn and retain information on multiple products
  • Are detail-oriented with strong communication, interpersonal and organizational skills
  • Have strong critical thinking, analytical and problem-solving skills
  • Have excellent communication (written and oral) and interpersonal skills
  • Are an avid learner, initiative-taker, and team player