Security Automation Engineer (SOAR) - Nebius
- Company: Nebius
- Location: Israel
- Technologies: Python, REST APIs, AWS, Azure, SIEM, DevOps
Job description
Design and develop automation workflows for incident response and SOC operations
Identify and eliminate manual processes through scalable automation
Build reusable components and maintainable automation patterns
Develop integrations using REST APIs, webhooks, and event-driven architectures
Write high-quality, maintainable Python for automation and orchestration
Implement data parsing, enrichment, and transformation across multiple systems
Lead or actively contribute to the evaluation, selection, and implementation of SOAR/automation platforms
Design the automation architecture and integration strategy for the team
Build automation capabilities in a greenfield environment - your decisions will shape the foundation
Work closely with SOC analysts and incident responders to translate operational needs into automation solutions
Improve end-to-end detection and response workflows through close partnership with the team
Actively build and evaluate AI/LLM and agent-based workflows applied to security automation
Prototype AI-assisted enrichment, triage, and response solutions and drive them toward production
Minimum 3 years of hands-on experience with SOAR platforms (e.g., Torq, Cortex XSOAR, Splunk SOAR, or similar)
Strong hands-on experience with Python (or a comparable language)
Experience designing or implementing automation frameworks or workflows
Experience building integrations using REST APIs and web services
Experience working with security tools such as SIEM, EDR/XDR, or ticketing systems
Experience with at least one cloud platform (Azure, AWS, or GCP)
Solid understanding of incident response processes and SOC alert-handling workflows
Experience with at least one SIEM platform (Splunk, Sentinel, QRadar, CrowdStrike)
Experience with CI/CD pipelines and DevOps practices
Familiarity with cloud-native services and architecture
Hands-on exposure to AI/ML, LLMs, or agent-based systems
Has a strong hands-on engineering mindset - you build, not just advise
Is proactive, solution-oriented, and detail-focused
Is genuinely curious about AI and intelligent agents, not just aware of them
Collaborates well with both technical and operational teammates
Competitive compensation
Career growth and learning opportunities
Flexibility and work-life balance
Collaborative and innovative culture
Opportunity to work on impactful AI projects
International environment and talented teams