Lead Security Automation Engineer - Virtusa Colombo

About the job

Key Responsibilities And Accountabilities:

Develop and optimize automation workflows within Torq Hyperautomation or other SOAR platforms such as XSOAR, Splunk SOAR, LogicHub Swimlane

Build API integrations between security tools such as SIEMs EDRs XDRs case management systems, and cloud platforms

Extensively work with JSON formatting parsing and data transformations to enable seamless data exchange across multiple security platforms

Streamline incident response automation to improve efficiency, reduce MTTR and enhance security event correlation

Design and maintain fault-tolerant automation processes that scale across thousands of clients

Maintain and optimize CI CD pipeline infrastructure within a SOAR platform

Collaborate with SOC analysts, DFIR teams and threat intelligence groups to refine and enhance automation capabilities

Lead migration projects to improve automation platforms, ensuring seamless transitions without impacting security operations

Continuously evaluate and implement emerging automation techniques to enhance SOC and MSSP workflows

Skills and Ability

Must Have Skills And Experience:

1 plus years of experience in security automation, SOAR engineering, or cybersecurity automation within an MSSP DFIR or enterprise security environment

Extensive experience working with JSON, including JSON schema design, manipulation, parsing and API based data transformations

Strong scripting skills in Python, PowerShell or Bash for workflow automation

Proficiency in API development and integration, including RESTful APIs, based APIs and webhook automation

Experience working with SIEM such as Splunk Sentinel, QRadar Rapid7 IDR and EDR or XDR tools such as CrowdStrike, SentinelOne, Stellar Cyber Cortex XDR

Knowledge of incident response threat intelligence and security event lifecycle management

Nice to Have Skills

Experience in multi-client environments, MSSP IR firms or security service providers

Hands-on experience with Torq Hyperautomation XSOAR, Splunk SOAR, or similar platforms

Certifications such as Torq SOAR Analyst, Torq SOAR Expert, CompTIA Security plus AWS or Azure Security Certifications

Proficiency in using JQ filters for data manipulation

Familiarity with CI CD pipelines such as Azure DevOps

Experience automating cloud security workflows, AWS Azure Google Cloud

Familiarity with case management automation and cross-platform data normalization

Prior experience leading SOAR migration projects or developing custom security playbooks