HiTakeJob

Security Automation Engineer (SOAR) - Nebius

  • Company: Nebius
  • Location: Israel
  • Technologies: Python, REST APIs, AWS, Azure, SIEM, DevOps

Job description

  • Design and develop automation workflows for incident response and SOC operations
  • Identify and eliminate manual processes through scalable automation
  • Build reusable components and maintainable automation patterns
  • Develop integrations using REST APIs, webhooks, and event-driven architectures
  • Write high-quality, maintainable Python for automation and orchestration
  • Implement data parsing, enrichment, and transformation across multiple systems
  • Lead or actively contribute to the evaluation, selection, and implementation of SOAR/automation platforms
  • Design the automation architecture and integration strategy for the team
  • Build automation capabilities in a greenfield environment - your decisions will shape the foundation
  • Work closely with SOC analysts and incident responders to translate operational needs into automation solutions
  • Improve end-to-end detection and response workflows through close partnership with the team
  • Actively build and evaluate AI/LLM and agent-based workflows applied to security automation
  • Prototype AI-assisted enrichment, triage, and response solutions and drive them toward production
  • Minimum 3 years of hands-on experience with SOAR platforms (e.g., Torq, Cortex XSOAR, Splunk SOAR, or similar)
  • Strong hands-on experience with Python (or a comparable language)
  • Experience designing or implementing automation frameworks or workflows
  • Experience building integrations using REST APIs and web services
  • Experience working with security tools such as SIEM, EDR/XDR, or ticketing systems
  • Experience with at least one cloud platform (Azure, AWS, or GCP)
  • Solid understanding of incident response processes and SOC alert-handling workflows
  • Experience with at least one SIEM platform (Splunk, Sentinel, QRadar, CrowdStrike)
  • Experience with CI/CD pipelines and DevOps practices
  • Familiarity with cloud-native services and architecture
  • Hands-on exposure to AI/ML, LLMs, or agent-based systems
  • Has a strong hands-on engineering mindset - you build, not just advise
  • Is proactive, solution-oriented, and detail-focused
  • Is genuinely curious about AI and intelligent agents, not just aware of them
  • Collaborates well with both technical and operational teammates
  • Competitive compensation
  • Career growth and learning opportunities
  • Flexibility and work-life balance
  • Collaborative and innovative culture
  • Opportunity to work on impactful AI projects
  • International environment and talented teams

Responsibilities

Automation development

  • Design and develop automation workflows for incident response and SOC operations
  • Identify and eliminate manual processes through scalable automation
  • Build reusable components and maintainable automation patterns
