Lead Cyber Security Engineer (SOAR)

Duties & Responsibilities Architect, build, and maintain enterprise SOAR automations using Swimlane, Splunk Phantom, and Microsoft Logic Apps. Develop advanced, scalable playbooks and integrations across SIEM, EDR, NDR, identity, cloud, network, and ticketing systems. Create reusable automation modules, connectors, and workflow components for consistent orchestration across the environment. Lead automation-driven incident response capabilities, including enrichment, triage, containment, and remediation actions. Integrate SOAR workflows with Microsoft Defender, Sentinel, Entra, ServiceNow, and other API-driven platforms. Oversee SOAR platform operations, including governance, tuning, upgrades, reliability improvements, and troubleshooting. Partner with SOC, IR, Security Engineering, Cloud, Network, and Identity teams to identify high-impact automation opportunities and optimize processes. Conduct root-cause analysis of automation failures and implement long-term corrective and preventiv...