[Remote] Automation / Orchestration / Security Engineer ::: 100% Remote
Note: This is a remote job open to candidates in the USA. Dice is a company seeking an Automation / Orchestration / Security Engineer. This hands-on position requires strong engineering fundamentals and security domain knowledge to build integrations and develop automation processes that enhance security workflows.
Responsibilities
- Own the design and delivery of security automation and orchestration capabilities that improve response time, consistency, and quality across security workflows
- Develop and maintain SOAR playbooks for alert triage, enrichment, containment, and remediation
- Build and manage automation integrations with security tooling (SIEM, EDR/XDR, IAM, ticketing, vulnerability management, cloud security) using APIs, webhooks, and event-driven architectures
- Create reusable automation components (scripts, libraries, templates) with appropriate error handling, retries, logging, and observability
- Collaborate with SOC analysts and Incident Response to translate procedures into automated runbooks; ensure safe execution with approval gates where needed
- Design automation with governance: role-based access controls, change management, auditability, and documentation
- Partner with engineering and infrastructure teams to automate security controls and guardrails (policy-as-code, compliance checks, hardening, configuration drift remediation)
- Support incident response by developing rapid automation for containment and evidence collection (while maintaining chain-of-custody and logging requirements)
Skills
- Candidates must demonstrate strong automation engineering skills, comfort working with APIs and distributed systems, and practical security knowledge relevant to modern enterprise environments
- 3+ years of experience in automation engineering, security engineering, security operations engineering, or a related role
- Proficiency in at least one scripting/programming language (Python preferred; PowerShell or JavaScript)
- Experience with automation and orchestration tools like Ansible, Itential, Aria Orchestrator, or a similar product
- Hands-on experience designing and implementing automation using APIs (REST/JSON), webhooks, and authentication methods (OAuth2, tokens, mutual TLS)
- Working knowledge of SIEM concepts (log ingestion, correlation, queries) and SOC processes (triage, escalation, incident handling)
- Strong understanding of core security domains: IAM, endpoint security, network security, vulnerability management, and cloud security fundamentals
- Experience with Git-based workflows and software engineering practices (code review, branching strategies, testing)
- Ability to document solutions clearly (runbooks, diagrams, operating procedures) and communicate effectively with technical and non-technical stakeholders
- Experience with vulnerability management automation (ticketing workflows, remediation tracking, exception handling, SLA reporting)
- Cloud platform experience (AWS, Azure, and/or Google Cloud Platform), including security services and identity models
- Container and Kubernetes security familiarity
- Experience integrating with EDR/XDR tools and automating response actions (isolation, kill process, quarantine)
- Familiarity with ITSM and workflow tools (ServiceNow, Jira) and structured change management