Senior SOC Analyst @ freshworks

We are seeking a highly skilled SOAR Automation Engineer to join our dynamic Security Operations Center (SOC) team. In this role, you will be responsible for designing, developing, and managing automation workflows to enhance our security operations. You will play a critical role in improving incident response efficiency, reducing manual efforts, and integrating advanced security tools across the organization.

Key Responsibilities:

• Design, develop, and maintain automated security playbooks using SOAR platforms (e.g., Palo Alto Cortex XSOAR, Splunk SOAR, IBM Resilient).

• Integrate and orchestrate security tools, including SIEMs, threat intelligence platforms, endpoint detection solutions, and firewalls.

• Automate incident response processes, including threat detection, containment, remediation, and reporting.

• Develop custom scripts (Python, PowerShell, JavaScript) for automation tasks and API integrations.

• Collaborate with SOC analysts, threat hunters, and IT teams to identify automation opportunities and improve workflows.

• Monitor, analyze, and optimize the performance of automated security processes.

• Provide technical support and troubleshooting for automation-related issues.

• Stay up-to-date with the latest trends in cybersecurity automation and threat intelligence.Qualifications

• Bachelor s degree in Cybersecurity, Computer Science, Information Technology, or a related field (or equivalent practical experience).

• 4-7 years of experience in security operations, incident response, and security automation.

• Strong hands-on experience with SOAR platforms (e.g., Cortex XSOAR, Splunk SOAR, IBM Resilient, Swimlane).

• Proficient in scripting languages like Python, PowerShell, or JavaScript.

• Experience with REST APIs, JSON, and webhooks for system integrations.

• Solid understanding of network protocols, security concepts, and incident response frameworks.

• Familiarity with SIEM tools like Splunk, QRadar, Elastic Stack, or similar.

• Strong problem-solving skills and attention to detail.

Preferred Certifications:

• Splunk SOAR Certified or Cortex XSOAR Certified Automation Engineer

• Certified Information Systems Security Professional (CISSP)

• CompTIA Security+ or Certified Ethical Hacker (CEH)

• SOAR-specific training (e.g., Palo Alto, IBM Resilient courses)