Cyber Security Engineer
IntraEdge
Job Description
Job Title: Cyber Security Engineer – SOAR & Python
Location: (Location / Remote)
Experience: 3–5+ Years
Job Summary
We are seeking a highly motivated and skilled Cyber Security Engineer with strong expertise in Security Orchestration, Automation, and Response (SOAR) platforms and Python scripting. The ideal candidate will be responsible for designing and implementing security automation solutions, streamlining incident response processes, and integrating security tools to enhance the organization's overall cybersecurity posture.
Key Responsibilities
Design, develop, and maintain automated security workflows and playbooks using SOAR platforms such as Splunk Phantom, Cortex XSOAR, IBM Resilient, or similar solutions.
Develop and customize integrations between security tools, applications, and SOAR platforms using Python, APIs, and web services.
Automate incident response and remediation processes to improve operational efficiency and reduce manual effort.
Collaborate with SOC analysts, threat intelligence teams, and security engineers to identify opportunities for automation and process optimization.
Monitor, investigate, and analyze security incidents, perform root cause analysis, and implement automated mitigation strategies.
Support the integration and management of security technologies, including SIEM, EDR, firewalls, and threat intelligence platforms.
Develop reusable scripts, tools, and modules to support security operations and automation initiatives.
Ensure adherence to security policies, standards, and compliance requirements.
Create and maintain technical documentation, playbooks, runbooks, and standard operating procedures.
Stay current with emerging cybersecurity threats, technologies, and industry best practices.
Required Skills & Qualifications
Strong hands-on experience with SOAR platforms such as Splunk Phantom, Cortex XSOAR, IBM Resilient, or equivalent solutions.
Proficiency in Python scripting for automation, API integrations, data processing, and orchestration tasks.
Experience working with security technologies such as SIEM (Splunk, QRadar), EDR solutions, firewalls, and threat intelligence platforms.
Good understanding of cybersecurity principles, incident response methodologies, and security frameworks.
Hands-on experience with REST APIs, JSON, XML, and web service integrations.
Ability to write efficient, modular, scalable, and maintainable code.
Experience in developing, testing, and managing automated playbooks and workflows.
Strong troubleshooting, debugging, analytical, and problem-solving skills.
Excellent communication and collaboration skills.
Preferred Qualifications
Experience with cloud security platforms such as AWS, Azure, or GCP.
Certifications such as CISSP, CEH, GIAC, Splunk SOAR Administrator, or equivalent security certifications.
Knowledge of containerization technologies such as Docker and Kubernetes.
Familiarity with CI/CD pipelines and DevSecOps practices.
Exposure to additional scripting languages such as Bash, PowerShell, or Go.