Website Virtusa
Cybersecurity Lead
Location: Colombo, Western Province, Sri Lanka
Date Posted: 03/04/2026
Position Type: Full-Time / Leadership
Job Purpose
As the Cybersecurity Lead, you will be the primary architect and driver of our security automation strategy. Your mission is to design, implement, and optimize sophisticated workflows using SOAR (Security Orchestration, Automation, and Response) platforms to transform how we detect and respond to threats. You will bridge the gap between various security tools, ensuring seamless data exchange and high-efficiency incident response across a diverse global client base.
Key Responsibilities
Automation & Orchestration
- Workflow Optimization: Develop and refine automation playbooks within Torq Hyperautomation or other major SOAR platforms (XSOAR, Splunk SOAR, LogicHub, Swimlane).
- API Integration: Build and manage complex API integrations between SIEMs, EDRs, XDRs, case management systems, and cloud environments.
- Data Transformation: Utilize expert-level JSON formatting, parsing, and data mapping to ensure seamless communication across disparate security platforms.
- Incident Response (IR) Streamlining: Automate IR processes to significantly reduce Mean Time to Respond (MTTR) and enhance the accuracy of security event correlation.
Infrastructure & Engineering
- Scalability & Reliability: Design fault-tolerant automation processes capable of scaling across thousands of endpoints and diverse client environments.
- CI/CD Management: Maintain and optimize CI/CD pipeline infrastructure specifically within the context of a SOAR platform to ensure stable deployments.
- Platform Migration: Lead strategic migration projects to modernize automation platforms while ensuring zero disruption to active security operations.
Collaboration & Strategy
- Cross-Functional Synergy: Partner with SOC analysts, DFIR teams, and Threat Intelligence groups to translate manual investigation steps into automated capabilities.
- Innovation: Continuously evaluate emerging automation techniques and tools to enhance SOC and MSSP (Managed Security Service Provider) workflows.
Candidate Profile
Must-Have Skills & Experience:
- Professional Experience: 1+ years of dedicated experience in Security Automation or SOAR Engineering within an MSSP, DFIR, or enterprise security environment.
- Technical Proficiency: Extensive hands-on experience with JSON (schema design, parsing, and API transformations).
- Scripting: Strong scripting capabilities in Python, PowerShell, or Bash for workflow automation.
- Integration Expertise: Proficiency in developing and integrating RESTful APIs, JSON-based APIs, and webhook-driven automations.
- Security Stack Knowledge: Experience working with SIEMs (Splunk, Sentinel, QRadar) and EDR/XDR tools (CrowdStrike, SentinelOne, Cortex XDR).
Nice-to-Have Skills:
- Specialized Experience: Prior work in multi-client MSSP environments or IR firms.
- Platform Mastery: Hands-on experience with Torq Hyperautomation.
- Advanced Tools: Proficiency using JQ filters for data manipulation and familiarity with Azure DevOps for CI/CD.
- Certifications: Torq SOAR Analyst/Expert, CompTIA Security+, or Cloud Security certifications (AWS/Azure).
- Cloud Automation: Experience automating security workflows in AWS, Azure, or Google Cloud.
We are an Equal Opportunity Employer.
Location: Colombo, Sri Lanka
Company: Virtusa
To apply for this job please visit www.virtusa.com.