SOAR Engineer, Cyber Defense Detection

About the role

The SOAR Engineer will enable and maintain the technology stack required for daily operations within a Cyber Defense Center. You will work closely with Security Architects, Analysts, client IT teams, and other stakeholders to define requirements, deliver recommendations, and ensure the effectiveness of detection and response capabilities.

Key responsibilities

• Configure, monitor, and maintain client SIEM and SOAR platforms to ensure operational readiness.
• Create and tune detection content, automation playbooks, and integration workflows.
• Collaborate with cross‑functional teams to define security requirements and implement solutions.
• Identify gaps, propose improvements, and set appropriate configurations for SOC operations.
• Manage APIs and dependencies for automation, ensuring seamless integration with security tools.

Required profile

• Bachelor's degree in Computer Science, Cybersecurity, or related field, or equivalent practical experience.
• Minimum 3 years of experience in detection engineering, SOAR automation, or a similar role.
• At least 3 years working with SOC/CSIRT or incident response teams.
• Experience with detection tuning using SIEM, EDR, or NDR tools.
• Proficiency in scripting languages such as PowerShell and Python.

Required skills

• SIEM platforms (e.g., rule creation, advanced correlation searching).
• SOAR platforms and automation playbook development.
• Query languages: SPL, KQL, YARA‑L.
• API integration and management.
• Logging knowledge for Linux systems and network equipment.