Security Automation Engineer

Position Overview

We are seeking a Security Automation Engineer with strong experience in Torq (preferred) or Cortex XSOAR to architect and evolve our automation ecosystem.
This role extends beyond playbook creation. You will:
•    Engineer intelligent, AI-assisted automation workflows
•    Develop agentic SOC orchestration strategies
•    Own automation performance reporting and metrics
•    Build client-facing and executive dashboards in Power BI
This is a high-impact engineering role that sits at the intersection of security operations, applied AI, and operational intelligence.

Responsibilities

SOAR & Automation Engineering
•    Design and maintain advanced workflows in Torq (preferred)
•    Develop modular, reusable automation templates for MSSP multi-tenancy
•    Implement automated enrichment, triage, containment, and remediation workflows
•    Engineer conditional and parallel logic to optimize MTTR
•    Integrate APIs across EDR, SIEM, firewall, IAM, email security, and cloud platforms
•    Maintain workflow logging, observability, and reliability

AI & Agentic Automation
•    Design AI-assisted decision support within SOC workflows
•    Implement LLM-powered alert summarization and investigation assistance
Build agentic workflows that:
•    Adapt dynamically based on investigation findings
•    Execute conditional response strategies
•    Escalate with intelligent human-in-the-loop controls
•    Evaluate and integrate emerging AI automation capabilities within Torq
•    Define safe operational boundaries for AI-driven actions

Reporting & Operational Intelligence
•    Develop automation performance dashboards within the SOAR platform
•    Track and report on:
•    Alert volume reduction
•    Automation success rate
•    MTTR improvement
•    False positive reduction
•    Tier 1 workload reduction
•    Build and maintain executive-level dashboards in Power BI
•    Integrate data from:
•    SOAR
•    SIEM
•    EDR
•    Ticketing systems
•    Design multi-tenant reporting models suitable for MSSP client delivery
•    Translate technical SOC metrics into executive-ready security outcomes

SOC Optimization & Scale
•    Identify high-volume, high-toil alert categories for automation
•    Build approval-gated containment workflows
•    Implement automation change control processes
•    Partner with SOC leadership to continuously improve operational maturity

Other duties as required within the context of the role.

Qualifications

4+ years in Security Operations or Security Engineering
•    3+ years hands-on SOAR experience
•    Direct experience with Torq (strongly preferred)
Cortex XSOAR acceptable with demonstrated adaptability
•    Experience building dashboards in Power BI
•    Strong understanding of SOC workflows and incident response lifecycle
•    Experience integrating REST APIs (JSON, webhooks)
•    Proficiency in Python scripting
•    Experience working in a multi-tenant MSSP environment (preferred)
Preferred Experience
•    Experience integrating AI/LLMs into automation workflows
•    Experience designing security metrics programs
•    Familiarity with:
•    CrowdStrike
•    Palo Alto
•    Fortinet
•    Microsoft Defender
•    Modern SIEM platforms
•    Email Security 
•    Experience designing executive security reporting
•    Knowledge of MITRE ATT&CK

Must be eligible to work for any U.S. employer without the need for sponsorship now or in the future. 

Compensation

This role offers a base salary range of $70,000–$92,000.

Vacancy

We have 1 available position(s).

Job Title: Security Automation Engineer
Requisition Number: 2261
Date: February 26, 2026
Location 1: Houston 
Remote: Yes 
Business Unit: Essential Industries 
Department: Information Systems & Information Technology
Job Type: Full-time
#LI-CH1# 
#SF#