Design, implement, and maintain next-generation security automation capabilities using Cortex XSOAR. Co-own the SOAR platform with a peer, and collaborate with security engineering, incident response, and cloud security teams.
Job Description
Automation Engineer (XSOAR)
Contract: 6-Month W2 (with potential for extension/conversion)
Location: 100% Remote
Start Date: ASAP
Pay Range: $65-$70/hour depending on experience
Overview
Our client is seeking an experienced Automation Engineer to help build and expand their next-generation security automation capabilities.
This role will operate as a peer to an existing Automation Engineer, with both engineers sharing ownership of the SOAR platform. The team has more work than a single engineer can support and is intentionally adding a second senior-level engineer to provide platform resiliency, shared accountability, and increased delivery velocity.
This is a hands-on engineering role for someone who has owned SOAR platforms end to end, not just executed siloed automation tasks.
Key Responsibilities:
SOAR Platform Engineering & Ownership
- Co-own the design, implementation, and ongoing evolution of the Cortex XSOAR platform, operating as a peer to the existing automation engineer.
- Support the rebuild and maturation of a currently non-mature XSOAR environment, including:
  - Platform health monitoring
  - Core integrations
  - Data enrichment workflows
  - Development and testing environments
- Build, test, and maintain advanced XSOAR playbooks, sub-playbooks, and automations using Python, PowerShell, and REST APIs.
- Develop scalable automations across incident response, threat detection, and vulnerability management use cases.
- Integrate XSOAR with SIEM, EDR, ticketing systems, cloud platforms, and other security tooling.
- Identify high-impact automation opportunities, gather requirements, and translate them into end-to-end technical solutions.
- Ensure the reliability, performance, and maintainability of automation pipelines in production environments.
API Integration & Cloud Automation
- Design and implement API-driven integrations for data ingestion, enrichment, and automated response.
- Build or extend custom integrations using REST APIs, including authentication, error handling, and data transformation.
- Collaborate with teams working across AWS, Azure, or GCP to enhance cloud security automation and response workflows.
Required Qualifications
- 5+ years of hands-on SOAR automation engineering experience, with significant ownership of Cortex XSOAR (Demisto) implementations.
- Demonstrated experience owning or operating a SOAR platform end to end, with accountability for how integrations, playbooks, enrichment, and monitoring function together as a system.
- Strong Python scripting experience, used directly within SOAR platforms for automation logic and integrations.
- Experience building and integrating REST API–based workflows with third-party systems.
- Background in security operations, incident response, or detection engineering, with a strong understanding of SOC workflows.
- Hands-on experience with Splunk or other SIEM platforms.
- Strong troubleshooting, problem-solving, and communication skills.
- Comfortable working in a fully remote, highly collaborative environment.
Nice-to-Have
- Prior experience standing up or rebuilding SOAR platforms in immature or evolving environments.
- Experience supporting health monitoring and resiliency for automation platforms.
- Cloud security experience across AWS, Azure, or GCP.
- Experience automating security workflows at large enterprise scale.
Additional Details
- This role directly supports our client's Cyber Defense Automation initiatives and works closely with security engineering, incident response, and cloud security teams. The successful candidate will be someone who is comfortable owning outcomes, not just executing assigned tasks.
EEO Statement:
Brooksource is an equal opportunity employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex or gender (including pregnancy, childbirth, lactation and related medical conditions), gender identity or gender expression, sexual orientation, marital status, military service and veteran status, physical or mental disability, protected medical condition as defined by applicable state or local law, genetic information, or any other characteristic protected by applicable federal, state, or local laws and ordinances.
Pay Disclaimer:
The pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Benefits & Perks:
Brooksource offers competitive medical, dental, vision, Health Savings Account, Dependent Care FSA, and supplemental coverage with plans that can fit each employee’s needs. We offer a 401k plan that includes a company match and is fully vested after you become eligible, paid time off, and sick time. Paid company holidays are subject to hour requirements and completion of the new hire period (13 weeks). We also offer an Employee Assistance Program (EAP) that provides services like virtual counseling, financial services, legal services, life coaching, etc.