Job Description
A SOAR (Security Orchestration, Automation, and Response) Automation Security Engineer plays a pivotal role in modern cybersecurity operations by bridging advanced automation with incident response. This professional designs, implements, and optimizes workflows that integrate diverse security tools into a unified platform, enabling rapid detection, triage, and remediation of threats. By leveraging orchestration and automation, the SOAR engineer reduces manual effort, accelerates response times, and ensures consistent, repeatable security processes, ultimately strengthening an organization's resilience against evolving cyber threats while freeing analysts to focus on strategic initiatives.
What You Will Do:
Provide automation for tasks for better and more accurate response
Ingest large amounts of data for investigation and triage on security events
Create alerts and alarms on known security issues
Create dashboards and metrics for security data
Work with Engineering and Incident Response teams on tuning and improvements
Provide second- and third-level support and analysis for security incidents
Improve Mean Time to Repair (MTTR) on Security/Business tasks by including automation
Ingest new security indicators to uncover security flaws before they become an incident
Promote security best practices through automation for education and response
Support continuous improvements and reviews of security playbooks
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Skills and Requirements
Experience leveraging Microsoft API functionality (Graph, O365)
Experience with security endpoints, preferably Elastic Endgame
Experience with data engineering practices in cloud environments, preferably Azure
Ability to work independently, establishing strategic objectives, project plans, and milestones
Bachelor's Degree in Computer Science or related technical field
10+ years of technical delivery experience
CompTIA Security+ Cert
CompTIA Network+ Cert
Experience with a SOAR (Security Orchestration, Automation, and Response) platform, specifically Swimlane
Experience working in a SIEM, preferably in Elastic
Certifications: (If applicable)
CompTIA Security+ Cert
CompTIA Network+ Cert