Security Automation Engineer (SOAR) - Mid-Atlantic region (Remote)

6 hours, 44 minutes ago
Full-time
Senior
DevOps and Infrastructure
GuidePoint Security

GuidePoint Security is a trusted cybersecurity consulting firm that provides expertise, solutions, and services to help organizations make informed decisions and minimize risks. Their elite team of experts offers holistic perspectives on cybersecurity,...

Internet Software & Services
251-1K
Founded 2011

Description

  • Design and build security automation and orchestration workflows.
  • Support and improve end-to-end SOC processes including alert triage, escalation, incident response, and case management.
  • Integrate security and IT systems using REST APIs, webhooks, and JSON.
  • Develop custom workflow logic and data transformations using Python scripting.
  • Translate manual security processes into reliable automated workflows with error handling, conditional logic, and secure execution.
  • Work with security tooling such as SIEM, EDR/XDR, ticketing, threat intelligence, and email security platforms.
  • Scope automation requirements with clients and turn them into build plans.
  • Apply automation-as-code and version control practices to workflow development.
  • Collaborate in a consulting or professional services environment and provide solution delivery support.

Requirements

  • 5+ years of experience in security operations with an understanding of how a SOC functions end to end.
  • 3+ years of experience designing and building security automation or orchestration workflows.
  • Hands-on experience with at least one SOAR or automation platform; Tines, Torq, or Cortex XSOAR preferred.
  • Proficiency integrating systems through REST APIs, webhooks, and JSON.
  • Scripting experience, primarily in Python, for custom logic and data transforms.
  • Working knowledge of SIEM, EDR/XDR, ticketing systems such as ServiceNow or Jira, threat intelligence, and email security tools.
  • Ability to decompose manual security processes into automated workflows with error handling, conditional logic, and secure runs.
  • Familiarity with LLMs in development and automation contexts, including Claude Code or Codex, is preferred.
  • Exposure to MCP-based integrations is a plus.
  • Ability to independently scope automation requirements with clients and translate them into a build plan.
  • Platform or vendor certifications in Tines, Torq, Cortex XSOAR, Splunk, Microsoft Sentinel, or CrowdStrike are preferred.
  • Cloud experience with AWS or Azure and familiarity with cloud-native security tooling are preferred.
  • Prior delivery experience in a consulting, professional services, or MSSP environment is preferred.
  • Detection engineering exposure such as detections-as-code or Sigma is preferred.
  • Version control and automation-as-code experience with Git or similar repo controls is preferred.

Benefits

  • Remote-first workforce for U.S.-based employees, with some travel or on-site work required for certain federal positions.
  • Medical insurance options with significant employer premium contributions, including PPO and HSA plan choices.
  • Dental insurance with full employee premium coverage and partial family premium coverage.
  • 12 corporate holidays and a Flexible Time Off (FTO) program.
  • Healthy mobile phone and home internet allowance.
  • Retirement plan eligibility after 2 months at open enrollment.
  • Pet benefit option.
