Security Orchestration Automation and Response (SOAR) and Artificial Intelligence Engineer

What you'll do

• The SOAR and AI Engineer is responsible for designing, implementing, maintaining, and optimizing security automation and orchestration capabilities across the Security Operations Center.  The position also uses AI to accelerate the cybersecurity response process and manage security breaches or system failures specifically targeting AI models and environments.
• This position develops automated workflows that reduce manual effort, improve response speed, and increase operational consistency. The engineer integrates security tools, develops automated response actions, builds investigation playbooks, and continuously improves operational efficiency.
• The SOAR Engineer works closely with SOC analysts, incident responders, threat hunters, and security engineers to identify repetitive tasks that can be automated. The engineer transforms manual workflows into scalable automated processes that enable the SOC to operate at greater speed and effectiveness.
• The position plays a critical role in modernizing security operations and reducing analyst workload while improving response quality.

Qualifications

• Candidates must possess strong knowledge of security operations, incident response processes, API integrations, artificial intelligence, workflow automation, scripting, and orchestration platforms.
• The candidate should have experience integrating SIEM platforms, EDR solutions, threat intelligence feeds, ticketing systems, cloud security services, vulnerability management tools, and communication platforms.
• Strong scripting and automation skills are required, including experience with Python, PowerShell, REST APIs, JSON, and workflow design. Candidates should understand SOC processes deeply enough to automate them effectively.
• Required certifications include Security+, CASP+, CISSP, vendor-specific SOAR certifications, or equivalent experience.