Overview
The Jr. SOAR Engineer supports the design, implementation, and maintenance of security orchestration, automation, and response workflows that improve the efficiency and effectiveness of the Security Operations function. This role works closely with security analysts, infrastructure, and DevOps teams to automate repetitive security tasks, improve alert triage and incident response workflows, and integrate security tooling to support monitoring, investigation, and remediation activities. This position also contributes to documentation, troubleshooting, and continuous improvement of security automation processes.
Responsibilities
-
Assist in designing, building, testing, and maintaining security automation workflows and playbooks for common security use cases such as alert enrichment, triage, escalation, notification, and containment.
-
Support integration of security and IT tools with the SOAR platform using APIs, connectors, scripts, and documented workflows.
-
Work with Security Operations personnel to identify repetitive tasks suitable for automation and help translate analyst workflows into repeatable playbooks.
-
Monitor automation health, troubleshoot failed jobs or playbooks, and escalate issues as needed to restore operational effectiveness.
-
Assist with incident response activities by supporting automated and semi-automated response actions under approved procedures and change controls.
-
Maintain technical documentation for playbooks, integrations, workflows, standard operating procedures, and troubleshooting guides.
-
Participate in testing, validation, and continuous improvement of automation content to reduce false positives, improve analyst efficiency, and support consistent response processes.
-
Collaborate with Security Ops, Infrastructure, DevOps, and application owners to ensure automation aligns with operational, security, and compliance requirements.
-
Support after-hours incident response or on-call activities as required by business need.
This list of responsibilities might not cover everything you'll end up doing.
Qualifications
Education and Experience
-
Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field; or equivalent practical experience.
-
Foundational understanding of security operations, incident response, and alert/investigation workflows.
-
Basic experience with scripting/automation using languages such as Python, PowerShell, or Bash.
-
Basic understanding of APIs, JSON, webhooks, and system integrations.
-
Familiarity with SIEM, case management, or alerting platforms is preferred.
-
Ability to troubleshoot workflow failures and analyze logs, errors, and integration issues.
-
Strong written and verbal communication skills and ability to work across technical and non-technical teams.
-
Organized, detail-oriented, and able to maintain documentation and follow defined procedures.
-
0–2 years of experience in cybersecurity, security operations, automation engineering, DevOps, or a related technical role.
-
Exposure to one or more of the following is preferred:
-
Security tooling integrations
-
Incident response processes
-
Version control / CI/CD practices
Competencies
-
Ability to prioritize work and efficiently, respond to unexpected changes
-
Ability to work collaboratively and effectively within the security management team and within cross-functional teams
-
Demonstrate effective oral, written communication, and collaboration skills
-
Ability to work in a fast-paced, dynamic environment
Benefits
We offer a Total Rewards plan designed with you and your family’s health and wellness in mind that includes:
-
Paid days off (i.e. vacation, sick days, bereavement leave)
-
Health and Dental plans
-
Retirement plans
-
Employee and Family Assistance Program (EFAP)
-
Employee referral program
We welcome applicants from all backgrounds, regardless of race, color, religion, sex, veteran status, sexual orientation, gender identity, national origin, age, or disability or any other protected characteristics in accordance with applicable federal, state/provincial, and local laws. We're committed to creating a workplace where everyone feels valued and respected.
We appreciate all responses and will acknowledge only those being considered for an interview.
We respectfully request no calls or unsolicited resumes from Agencies.
