Bengaluru, Karnataka
Job Summary
The Track Lead (Support & Operations) plays a pivotal role in managing security event investigations and implementing technical solutions within the organization. This position focuses on enhancing operational efficiencies, ensuring client satisfaction, and fostering a culture of continuous improvement and innovation among teams. The Track Lead is instrumental in aligning operational goals with organizational objectives while empowering teams to meet client SLAs effectively.
The Automation & Security Engineer is responsible for designing, developing, and maintaining security automation workflows (SOAR playbooks) using platforms such as Microsoft Sentinel, Azure Logic Apps, and SOAR tools.
The role focuses on automating incident triage, enrichment, and response actions to reduce manual effort and improve SOC efficiency.
Key Responsibilities
1. Implement and optimize SOAR solutions to automate security event investigations, ensuring timely and accurate incident response while enhancing overall operational efficiency.
2. Develop and maintain comprehensive reporting systems using SIEM tools to provide insights into security incidents and operational performance, facilitating informed decision-making.
3. Lead and mentor the support team by fostering transparent communication of project goals and encouraging the adoption of best practices in security operations.
4. Collaborate with clients to thoroughly understand their security needs, ensuring the support team delivers tailored solutions that exceed client expectations.
5. Drive innovation by identifying opportunities for process improvements and implementing new ideas that enhance the effectiveness of security operations.
Design, develop, and maintain SOAR playbooks / automation workflows for security incidents
Build automation using:
Azure Logic Apps
Microsoft Sentinel
SOAR platforms (Siemplify / Chronicle / Custom)
Automate use cases such as:
Incident enrichment
Alert triaging
Threat containment actions (IP blocking, endpoint isolation)
B. Security Operations Automation
Integrate security tooling ecosystem:
SIEM / Sentinel
EDR (Defender, CrowdStrike etc.)
ITSM (ServiceNow)
Threat Intelligence platforms
Enable automated ticket creation, updates, and correlation
Build end-to-end alert-to-response pipelines
C. Playbook Development & Optimization
Develop automated workflows for:
Malware detection response
Suspicious login investigation
Phishing triage
Optimize playbooks for:
Faster MTTR
Reduced false positives
Improved response accuracy
D. Integration & API Engineering
Configure integrations using:
REST APIs
Webhooks
Native connectors (Logic Apps / Sentinel)
Automate data ingestion and enrichment pipelines
E. Detection Engineering Support
Work with detection teams to:
Convert detection rules into automated response workflows
Improve correlation logic
Enhance analytics and anomaly detection capabilities
Skill Requirements
1. Strong proficiency in security event investigation and SOAR technologies.
2. In-depth knowledge of SIEM tools and their application in operational environments.
3. Excellent problem-solving abilities and a strong understanding of client relationship management.
4. Proven leadership skills with the ability to mentor and empower teams effectively.
Strong experience in SOAR platforms / Automation engineering
Hands-on with:
Azure Logic Apps
Microsoft Sentinel (automation rules, playbooks)
Experience in incident response automation workflows
Cloud security exposure (Azure, AWS, M365 Defender)
SOC / SIEM concepts
Incident response lifecycle
Threat intelligence integration
Security event correlation
Other Requirements
1. Optional but valuable certifications: Certified Information Systems Security Professional (CISSP), Security+ certification, or any relevant SOAR or SIEM certifications
Scripting:
Python / PowerShell
API integration & automation
Cloud security (Azure preferred