Calian Group is seeking a Security Automation Engineer to architect and evolve their automation ecosystem. This high-impact engineering role focuses on creating intelligent, AI-assisted automation workflows and developing strategies for SOC orchestration.
Responsibilities:
- Design and maintain advanced workflows in Torq (preferred)
- Develop modular, reusable automation templates for MSSP multi-tenancy
- Implement automated enrichment, triage, containment, and remediation workflows
- Engineer conditional and parallel logic to optimize MTTR
- Integrate APIs across EDR, SIEM, firewall, IAM, email security, and cloud platforms
- Maintain workflow logging, observability, and reliability
- Design AI-assisted decision support within SOC workflows
- Implement LLM-powered alert summarization and investigation assistance
- Build agentic workflows that:
  - Adapt dynamically based on investigation findings
  - Execute conditional response strategies
  - Escalate with intelligent human-in-the-loop controls
- Evaluate and integrate emerging AI automation capabilities within Torq
- Define safe operational boundaries for AI-driven actions
- Develop automation performance dashboards within the SOAR platform
- Track and report on:
  - Alert volume reduction
  - Automation success rate
  - MTTR improvement
  - False positive reduction
  - Tier 1 workload reduction
- Build and maintain executive-level dashboards in Power BI
- Integrate data from:
  - SOAR
  - SIEM
  - EDR
  - Ticketing systems
- Design multi-tenant reporting models suitable for MSSP client delivery
- Translate technical SOC metrics into executive-ready security outcomes
- Identify high-volume, high-toil alert categories for automation
- Build approval-gated containment workflows
- Implement automation change control processes
- Partner with SOC leadership to continuously improve operational maturity
- Other duties as required within the context of the role
Requirements:
- 4+ years in Security Operations or Security Engineering
- 3+ years hands-on SOAR experience
- Cortex XSOAR acceptable with demonstrated adaptability
- Experience building dashboards in Power BI
- Strong understanding of SOC workflows and incident response lifecycle
- Experience integrating REST APIs (JSON, webhooks)
- Proficiency in Python scripting
- Must be eligible to work for any U.S. employer without the need for sponsorship now or in the future
- Direct experience with Torq (strongly preferred)
- Experience working in a multi-tenant MSSP environment (preferred)
- Experience integrating AI/LLMs into automation workflows
- Experience designing security metrics programs
- Familiarity with: CrowdStrike, Palo Alto, Fortinet, Microsoft Defender, Modern SIEM platforms, Email Security
- Experience designing executive security reporting
- Knowledge of MITRE ATT&CK