B

Information Security Engineer – Security Automation and Response

Remote
Apply
AI Summary

Seeking an Information Security Engineer specializing in Security Automation and Response for a fully remote, direct-hire position. This role focuses on advancing Security Operations through SOAR playbook development, automation, and AI-driven workflows to streamline incident response and enhance SOC efficiency. Requires strong experience in SOAR, Python, API integrations, threat detection, SIEM query languages, and incident response.

Key Highlights
Direct Hire, 100% Remote position
Focus on SOAR playbook development and automation
Requires strong SIEM knowledge and threat detection experience
Key Responsibilities
Develop, implement, and maintain SOAR playbooks to automate repetitive security tasks, including alert triage, threat investigation, and incident response, using tools like SOAR, Python, and API integrations.
Advance Security Operations capabilities through AI-driven initiatives, in collaboration with the Information Security Operations Manager.
Investigate malware, intrusions, unauthorized access, and data infiltration/exfiltration events.
Analyze logs, memory, disk images, and network captures to determine attack scope and impact.
Stay current on cyber threats and industry best practices to continuously enhance SOC capabilities.
Work with SIEM platforms and associated query languages (Yara-L, CQL, SPL, etc.).
Participate in Purple Team activities.
Participate in on-call rotation and respond to critical security events.
Technical Skills Required
SOAR Python SIEM
Nice to Have
Security certifications (GIAC, CISSP)

Job Description


Job Title: Information Security Engineer – Security Automation and Response

Primary Location: 100% Remote

Position Type: Direct Hire

Must be US Citizen or Green Card



Must-Have Skills (Top Priority — in order of importance

  1. )SOAR playbook development — hands-on experience automating repetitive security tasks using SOAR tools, Python, and API integration
  2. sThreat detection development and SOAR automation knowledge, with IR experienc
  3. eStrong SIEM knowledge, including query languages: Yara-L, CQL, SPL, etc
  4. .Experience supporting AI-driven security operations initiative



  • s

    Prior experience developing SOAR playbooks (not just using pre-built on
  • es)Has created processes using SOAR automat
  • ionHelped a SOC gain more visibility with l
  • ogsHas developed detecti
  • onsExperience with the specific query languages above is a strong sig


nal
Overv

iew:An Information Security Engineer – Security Automation and Response. This is a Direct Hire role, fully remote. This position exists to advance Security Operations capabilities through SOAR playbook development, automation, and AI-driven workflows, streamlining incident response and improving SOC operational efficie


ncy.
What You Bring to the Role (Ideal Experi

  • ence)BS or BA in Computer Science, Engineering, or equivalent education, training, or work exper
  • ience5+ years of security experience, or equivalent training and educ
  • ationSolid knowledge of computing systems, data network communications, and network archite
  • ctureHands-on experience with SOAR playbook develo
  • pmentRequired scripting or programming skills (Python, PowerShell, Go,
  • etc.)Experience in incident response and threat investig
  • ationExperience in threat detection and understanding of logging sy
  • stemsSecurity certifications (GIAC, CISSP) pref
  • erredEffective written and verbal communication s


kills
What You'll Do (Skills Used in this Pos

  • ition)Develop, implement, and maintain SOAR playbooks to automate repetitive security tasks, including alert triage, threat investigation, and incident response, using tools like SOAR, Python, and API integr
  • ationsAdvance Security Operations capabilities through AI-driven initiatives, in collaboration with the Information Security Operations M
  • anagerInvestigate malware, intrusions, unauthorized access, and data infiltration/exfiltration
  • eventsAnalyze logs, memory, disk images, and network captures to determine attack scope and
  • impactStay current on cyber threats and industry best practices to continuously enhance SOC capabi
  • litiesWork with SIEM platforms and associated query languages (Yara-L, CQL, SPL,
  • etc.)Participate in Purple Team acti
  • vitiesParticipate in on-call rotation and respond to critical security


events

Similar Jobs

Explore other opportunities that match your interests

Senior Cybersecurity Program Manager

Cyber Security
16h ago
Visa Sponsorship Relocation Remote
Job Type Full-time
Experience Level Mid-Senior level

Droisys

United State

Senior Information Security Engineer

Cyber Security
23h ago
Visa Sponsorship Relocation Remote
Job Type Full-time
Experience Level Mid-Senior level

Employbridge

United State

IT Security Manager

Cyber Security
23h ago
Visa Sponsorship Relocation Remote
Job Type Contract
Experience Level Mid-Senior level

nextgenpros inc

United State

Subscribe our newsletter

New Things Will Always Update Regularly