Lead SOAR Automation Engineer
Job Description

The Lead SOAR Automation Engineer will be a pivotal member of the Versant Cyber Defense Operations Team. This individual will lead the development, deployment, and optimization of Security Orchestration, Automation, and Response (SOAR) capabilities to enhance incident response efficiency and reduce manual workloads across the cybersecurity organization.

This role requires deep technical expertise in security automation, scripting, and orchestration platforms. The engineer will collaborate with incident response, threat intelligence, internal investigations, and vulnerability management teams to design automated workflows that streamline detection, triage, and remediation processes. The ideal candidate will be a strategic thinker with hands-on experience in building scalable automation solutions and integrating them into complex enterprise environments.

Responsibilities

Design, develop, and maintain SOAR playbooks and automation workflows using platforms such as Palo Alto Cortex XSOAR, Splunk Phantom, or similar
Collaborate with SOC analysts, incident responders, vulnerability management analysts, and investigation analysts to identify automation opportunities and translate them into technical solutions
Inform Cyber Leadership of all changes and modifications to the SOAR platform
Integrate SOAR tools with SIEM, ticketing systems, threat intelligence platforms, and other security technologies
Continuously improve automation logic based on feedback, threat trends, and operational metrics
Ensure playbooks are aligned with incident response procedures and compliance requirements
Provide technical leadership and mentorship to junior automation engineers
Document workflows, configurations, and operational guidelines for SOAR processes
Support incident response efforts by rapidly deploying automation during active investigations
Evaluate emerging SOAR technologies and recommend enhancements to existing infrastructure