Job Description

• Design & develop SOAR playbooks to automate incident response and repetitive SOC tasks.

• Collaborate with SOC analysts and incident responders to identify automation opportunities.

• Integrate security tools (Fortinet, Splunk, EDR, threat intelligence feeds, etc.) into the SOAR platform.

• Build custom scripts (Python, PowerShell etc.) to support automation use cases.

• Develop and maintain documentation for playbooks, integrations, and automation workflows.

• Provide support and guidance to SOC teams in leveraging automation effectively.

Requirements

• Minimum 3-4 years of experience in Security Operations, SOC, or SecOps automation.

• Hands-on experience with SOAR platforms (e.g., Splunk SOAR/, FortiSOAR, Palo Alto Cortex XSOAR).

• Strong proficiency in scripting/programming (Python, PowerShell)

• Expertise in developing security playbooks (alert triage, phishing response, malware threat intel enrichment, etc.).

• Practical experience with Fortinet Security Suite (FortiSOAR, FortiSIEM, FortiGate) and Splunk (SIEM/SOAR) will be added advantage.

• Familiarity with SOC processes (incident detection, investigation, response, and escalation).

• Strong understanding of security frameworks and best practices (MITRE ATT&CK, NIST, CIS).

• Exposure to cloud security automation (AWS, Azure, GCP).

• CCNA certification is added advantage.

Skills Required