[Remote] Senior Security Automation Engineer (Remote in EST)
Note: This is a remote job open to candidates in the USA. GuidePoint Security, a company specializing in security operations, is seeking a Senior Security Automation Engineer. The role involves designing and building security automation workflows, integrating security and IT systems, and using scripting to enhance automation processes.
Responsibilities
- 5+ years in security operations with a working understanding of how a SOC functions end to end (alert triage, escalation, incident response, case management)
- 3+ years specifically designing and building security automation/orchestration workflows
- Hands-on experience on at least one SOAR/automation platform; Tines, Torq, or Cortex XSOAR preferred
- Proficiency integrating security and IT systems via REST APIs, webhooks, and JSON
- Scripting ability, primarily Python, for custom logic, data transforms, and handling within automated workflows
- Working knowledge of the tooling categories automations connect to: SIEM, EDR/XDR, ticketing (ServiceNow, Jira), threat intelligence, and email security
- Ability to decompose a manual security process into a reliable automated workflow, including error handling, conditional logic, and secure runs
- Embraces emerging technologies, including AI tools, to work smarter, solve problems, and drive better business outcomes
- Familiarity using LLMs in a development and automation context, including AI-assisted or agentic coding tools such as Claude Code or Codex; exposure to MCP-based integrations is a plus
- Ability to independently scope automation requirements with clients and translate them into a build plan
- Platform or vendor certifications: Tines, Torq, Cortex XSOAR; or SIEM/EDR certs (such as Splunk, Microsoft Sentinel, CrowdStrike)
- Cloud experience (AWS or Azure) and familiarity with cloud-native security tooling
- Prior delivery experience in a consulting, professional services, or MSSP environment
- Detection engineering exposure in areas such as detections-as-code (DaC), Sigma, or similar
- Version control and automation-as-code practices (Git or similar repo controls)