Security Automation Architect (SIEM/SOAR & AI)

New
P
Plain ConceptsCybersecurity
SpainFull-TimeSenior
Salary not disclosed
Apply NowOpens the employer's application page

Job Details

Experience
6+ years
Required Skills
QA Automation

Requirements

  • 6+ years of experience in cybersecurity with a focus on Detection & Response, SOC operations, and security automation.
  • Hands-on experience designing or implementing SIEM and/or SOAR platforms.
  • Proven experience in AI-assisted workflows, agentic automation, or AI-enabled operational processes.
  • Strong understanding of modern SOC operations across L1, L2, and L3 functions.
  • Practical knowledge of identity, permissions, API integrations, and secure automation design.
  • Experience developing detection use cases, incident response procedures, and SOC playbooks.
  • Strong documentation skills for operational procedures, use case specifications, and technical architecture.
  • Ability to work effectively with cross-functional stakeholders including analysts and engineering teams.
  • Familiarity with query languages like KQL or SPL and MITRE ATT&CK framework.
  • Understanding of alert enrichment, case management, and incident lifecycle management.

Responsibilities

  • Analyze current SOC operating models and escalation flows to identify opportunities for AI-driven automation.
  • Translate analyst procedures into structured, reusable, and automatable workflows and decision trees.
  • Define AI agent roles, permissions, and human-in-the-loop models for sensitive security actions.
  • Architect automation blueprints for detection, triage, incident response, and false-positive reduction.
  • Mitigate risks related to automated security processes, such as prompt injection, data leakage, and hallucinations.
  • Collaborate with security analysts, architects, and engineering teams to implement and refine SOC tooling integrations.
View Full Description & ApplyYou'll be redirected to the employer's site
View details
Apply Now