Hybrid Automation Engineer at Ultraviolet cyber

Ultraviolet cyber ·  Hyderabad, United States Of America · Hybrid

Job Description

Lead the design and deployment of scalable security automation workflows and playbooks in Cortex XSOAR (or equivalent platforms such as Splunk SOAR, Siemplify, etc.).
Serve as technical owner of the SOAR platform, managing connectors, integrations, performance monitoring, version control, and upgrades.
Build custom automations using Python scripts, decision logic, and API integrations to support alert enrichment, containment, and notification tasks.
Architect integrations with SIEMs (e.g., Splunk, QRadar), EDR, threat intel feeds (e.g., Anomali, VirusTotal), ticketing systems (e.g., ServiceNow, Jira), and other tools.
Drive automation of incident response (IR) use cases including phishing, malware, lateral movement, data exfiltration, insider threats, and vulnerability exploitation.
Partner with SOC, threat intelligence, and cloud security teams to identify automation opportunities and translate them into technical solutions.
Optimize SOAR playbooks to reduce mean time to detect (MTTD) and respond (MTTR) while maintaining reliability and resilience.
Mentor junior automation engineers and provide code reviews, best practices, and process guidance.
Contribute to development of automation standards, security engineering roadmaps, and cross-team documentation.
Stay abreast of emerging SOAR trends, threat landscapes, and new platform features.
 
Required Qualifications:
 
3+ years specifically working with SOAR platforms—Cortex XSOAR strongly preferred; Splunk SOAR, Siemplify, or Chronicle SOAR also acceptable.
Strong scripting experience in Python, especially within automation workflows.
Proven expertise in integrating security tools using REST APIs, Python SDKs, and platform connectors.
In-depth understanding of SOC operations, incident lifecycle, and security best practices (MITRE ATT&CK, NIST, etc.).
Familiarity with SIEM platforms (e.g., Splunk) and threat intelligence enrichment techniques.
Experience with version control (Git), CI/CD pipelines, and structured testing of automation code.
Demonstrated ability to lead complex automation initiatives and work independently with minimal guidance.
Strong written and verbal communication skills, especially in cross-functional team environments.