About the role
Lead / Principal Cyber Engineer (Automation) responsible for building and maintaining the Cybersecurity Operations Centre's automation, orchestration, and AI-assisted capabilities. This role focuses on engineering SOAR playbooks, API integrations, and AI/ML workflows to reduce manual workload, accelerate response times
Business, Onsite
Key Responsibilities
- Design, develop, test, and maintain SOAR playbooks on FortiSOAR and/or Microsoft Sentinel Automation.
- Build modular, reusable playbook components.
- Implement human-in-the-loop decision gates for high-impact automated actions.
- Define and enforce playbook engineering standards.
- Maintain a playbook library with version control and documentation.
- Build and maintain bi-directional API integrations between SOC platforms.
Requirements
- Knowledge of Computer Science, Computer Engineering, Data Science, or a related technical discipline.
- Hands-on playbook development experience on FortiSOAR, Microsoft Sentinel Automation, or equivalent SOAR platforms.
- Proficiency in Python for automation and API integration; PowerShell for Windows/Azure automation.
- Demonstrated experience building REST API integrations between security platforms.
- Working knowledge of Microsoft Sentinel.
- Experience with agentic AI frameworks for building autonomous investigation workflows.