Job Description
Position Overview
We are seeking a Security Automation Engineer with strong experience in Torq (preferred) or Cortex XSOAR to architect and evolve our automation ecosystem. This role extends beyond playbook creation. You will:
Engineer intelligent, AI-assisted automation workflows
Develop agentic SOC orchestration strategies
Own automation performance reporting and metrics
Build client-facing and executive dashboards in Power BI
This is a high-impact engineering role that sits at the intersection of security operations, applied AI, and operational intelligence.
Responsibilities
SOAR & Automation Engineering
Design and maintain advanced workflows in Torq (preferred)
Develop modular, reusable automation templates for MSSP multi-tenancy
Implement automated enrichment, triage, containment, and remediation workflows
Engineer conditional and parallel logic to optimize MTTR
Integrate APIs across EDR, SIEM, firewall, IAM, email security, and cloud platforms
Maintain workflow logging, observability, and reliability
AI & Agentic Automation
Design AI-assisted decision support within SOC workflows
Implement LLM-powered alert summarization and investigation assistance
Build agentic workflows that adapt dynamically based on investigation findings
Execute conditional response strategies
Escalate with intelligent human-in-the-loop controls
Evaluate and integrate emerging AI automation capabilities within Torq
Define safe operational boundaries for AI-driven actions
Reporting & Operational Intelligence
Develop automation performance dashboards within the SOAR platform
Track and report on alert volume reduction, automation success rate, MTTR improvement, false positive reduction, and Tier 1 workload reduction
Build and maintain executive-level dashboards in Power BI
Integrate data from SOAR, SIEM, EDR, and ticketing systems
Design multi-tenant reporting models suitable for MSSP client delivery
Translate technical SOC metrics into executive-ready security outcomes
SOC Optimization & Scale
Identify high-volume, high-toil alert categories for automation
Build approval-gated containment workflows
Implement automation change control processes
Partner with SOC leadership to continuously improve operational maturity
Other duties as required within the context of the role.
Qualifications
4+ years in Security Operations or Security Engineering
3+ years hands‑on SOAR experience
Direct experience with Torq (strongly preferred)
Cortex XSOAR acceptable with demonstrated adaptability
Experience building dashboards in Power BI
Strong understanding of SOC workflows and incident response lifecycle
Experience integrating REST APIs (JSON, webhooks)
Proficiency in Python scripting
Experience working in a multi-tenant MSSP environment (preferred)
Experience integrating AI/LLMs into automation workflows
Experience designing security metrics programs
Familiarity with CrowdStrike, Palo Alto, Fortinet, Microsoft Defender, modern SIEM platforms, and email security
Experience designing executive security reporting
Knowledge of MITRE ATT&CK
Legal Requirement
Must be eligible to work for any U.S. employer without the need for sponsorship now or in the future.
Compensation
This role offers a base salary range of $70,000–$92,000.
Vacancy
We have 1 available position(s).
Job Title: Security Automation Engineer
Requisition Number: 2261
Date: February 26, 2026
Location 1: Houston
Remote: Yes
Business Unit: Essential Industries
Department: Information Systems & Information Technology
Job Type: Full-time
Job Details
Posted Date: March 1, 2026
Job Type: Construction
Location: Canada
Company: BlackCube Labs