Security Automation Engineer
Location: Colombo, Western Province, Sri Lanka
Role Overview
The Security Automation Engineer is responsible for designing, developing, and optimizing automated workflows to strengthen security operations. You will focus on integrating diverse security tools, streamlining incident response, and building scalable automation processes that reduce MTTR (Mean Time to Respond) across enterprise and multi-client environments.
Key Responsibilities
- Workflow Development: Create and refine automation playbooks within Torq Hyperautomation or other SOAR platforms (e.g., XSOAR, Splunk SOAR, Swimlane).
- System Integration: Build robust API integrations between SIEMs, EDR/XDR platforms, case management systems, and cloud environments.
- Data Transformation: Utilize advanced JSON formatting, parsing, and schema design to ensure seamless data exchange across security platforms.
- Incident Response Optimization: Streamline automated response actions to improve efficiency and enhance security event correlation for SOC and DFIR teams.
- Scalability & Reliability: Design fault-tolerant automation processes capable of scaling across a large client base.
- Lifecycle Management: Maintain CI/CD pipeline infrastructure within SOAR platforms and lead migration projects to upgraded automation technologies.
- Innovation: Continuously evaluate emerging automation techniques to enhance MSSP and SOC workflows.
Qualifications & Experience
Must-Have Skills
- Experience: 1+ years in security automation, SOAR engineering, or cybersecurity automation within an MSSP, DFIR, or enterprise environment.
- JSON Mastery: Extensive experience with JSON schema design, manipulation, and API-based data transformations.
- Scripting: Strong proficiency in Python, PowerShell, or Bash for workflow automation.
- API Development: Deep knowledge of RESTful APIs, webhooks, and JSON-based integrations.
- Security Tooling: Hands-on experience with SIEMs (Splunk, Sentinel, QRadar) and EDR/XDR tools (CrowdStrike, SentinelOne, Cortex XDR).
- Domain Knowledge: Solid understanding of the incident response lifecycle and threat intelligence.
Nice-to-Have Skills
- Multi-Client Environments: Experience working within an MSSP or security service provider.
- Platform Expertise: Hands-on experience with Torq Hyperautomation or similar SOAR platforms.
- Certifications: Torq SOAR Analyst/Expert, CompTIA Security+, or Cloud Security certifications (AWS/Azure).
- Advanced Tools: Proficiency in using JQ filters for data manipulation and familiarity with Azure DevOps CI/CD pipelines.
- Cloud Security: Experience automating security workflows in AWS, Azure, or Google Cloud.
- Leadership: Prior experience leading SOAR migration projects or developing custom security playbooks.
This is an Equal Opportunity Role.
Company: Virtusa
To apply for this job please visit www.virtusa.com.