- info@lkcareers.lk
- No : 07, Turnour Rd, Colombo 08.
- 070 700 1110
Key Responsibilities
Develop and optimize automation workflows using Torq Hyperautomation or similar SOAR platforms (XSOAR, Splunk SOAR, LogicHub, Swimlane).
Build API integrations between security tools such as SIEM, EDR, XDR, case management systems, and cloud platforms.
Work extensively with JSON for formatting, parsing, and data transformations to support integration across security tools.
Automate incident response processes to improve efficiency and reduce MTTR.
Design and maintain scalable automation processes supporting multiple clients.
Maintain and optimize CI/CD pipeline infrastructure within SOAR environments.
Work closely with SOC analysts, DFIR teams, and threat intelligence teams to improve automation capabilities.
Support automation platform migrations and ensure minimal disruption to security operations.
Continuously identify and implement improvements to security automation workflows.
Key Requirements
1+ years of experience in security automation, SOAR engineering, or cybersecurity automation in MSSP, DFIR, or enterprise environments.
Strong experience working with JSON, including schema design, parsing, and data transformation.
Scripting experience in Python, PowerShell, or Bash.
Experience with API development and integrations including REST APIs, JSON APIs, and webhooks.
Experience working with SIEM tools (Splunk, Sentinel, QRadar, Rapid7 IDR) and EDR/XDR tools (CrowdStrike, SentinelOne, Cortex XDR, Stellar Cyber).
Knowledge of incident response processes, threat intelligence, and security event management.
Experience with SOAR platforms such as Torq, XSOAR, or Splunk SOAR is an advantage.
Familiarity with CI/CD pipelines and cloud platforms (AWS, Azure, or Google Cloud) is a plus.
