Security Automation Engineer (SOAR)

About the role

We are looking for a skilled Security Automation Engineer to join our SOC Automation team and play a key role in building and scaling automation across Security Operations. This is a hands-on role - you will design, develop, and integrate automation solutions across SIEM, EDR, and other security platforms, contributing to our SOAR capabilities from the ground up. You will work in a technologically rich environment, integrating with a wide range of security and infrastructure systems across the network - a unique opportunity to build automation at scale in a greenfield setting, with real influence over the architecture and tooling decisions. We are especially interested in candidates who are curious about leveraging AI and intelligent agents to help evolve next-generation automation and response workflows - and who want to be a driving voice in how we apply those technologies. Your responsibilities will include: Automation development Design and develop automation workflows for incident response and SOC operations Identify and eliminate manual processes through scalable automation Build reusable components and maintainable automation patterns Engineering & integration Develop integrations using REST APIs, webhooks, and event-driven architectures Write high-quality, maintainable Python for automation and orchestration Implement data parsing, enrichment, and transformation across multiple systems SOAR & platform buildout Lead or actively contribute to the evaluation, selection, and implementation of SOAR/automation platforms Design the automation architecture and integration strategy for the team Build automation capabilities in a greenfield environment - your decisions will shape the foundation SOC collaboration Work closely with SOC analysts and incident responders to translate operational needs into automation solutions Improve end-to-end detection and response workflows through close partnership with the team AI & innovation Actively build and evaluate AI/LLM and agent-based workflows applied to security automation Prototype AI-assisted enrichment, triage, and response solutions and drive them toward production We expect you to have: Minimum 3 years of hands-on experience with SOAR platforms (e.g., Torq, Cortex XSOAR, Splunk SOAR, or similar) Strong hands-on experience with Python (or a comparable language) Experience designing or implementing automation frameworks or workflows Experience building integrations using REST APIs and web services Experience working with security tools such as SIEM, EDR/XDR, or ticketing systems Experience with at least one cloud platform (Azure, AWS, or GCP) Solid understanding of incident response processes and SOC alert-handling workflows Experience with at least one SIEM platform (Splunk,Sentinel,Qradar,Crowdstrike) It will be an added bonus if you have: Experience with CI/CD pipelines and DevOps practices Familiarity with cloud-native services and architecture Hands-on exposure to AI/ML, LLMs, or agent-based systems Has a strong hands-on engineering mindset - you build, not just advise Is proactive, solution-oriented, and detail-focused Is genuinely curious about AI and intelligent agents, not just aware of them Collaborates well with both technical and operational teammates Benefits & Perks: Competitive compensation Career growth and learning opportunities Flexibility and work-life balance Collaborative and innovative culture Opportunity to work on impactful AI projects International environment and talented teams What's it like to work at Nebius: Fast moving - Bold thinking - Constant growth - Meaningful impact - Trust and real ownership - Opportunity to shape the future of AI Equal Opportunity Statement: Nebius is an equal opportunity employer. We are committed to fostering an inclusive and diverse workplace and to providing equal employment opportunities in all aspects of employment. We do not discriminate on the basis of race, color, religion, sex (including pregnancy), national origin, ancestry, age, disability, genetic information, marital status, veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by applicable l

Benefits

Additional Information

About Nebius: Nebius is leading a new era in cloud infrastructure for the global AI economy. We are building a full-stack AI cloud platform that supports developers and enterprises from data and model training through to production deployment, without the cost and complexity of building large in-house AI/ML infrastructure. Built by engineers, for engineers. From large-scale GPU orchestration to inference optimization, we own the hard problems across compute, storage, networking and applied AI. Listed on Nasdaq (NBIS) and headquartered in Amsterdam, we have a global footprint with R&D hubs across Europe, the UK, North America and Israel. Our team of 1,500+ includes hundreds of engineers with deep expertise across hardware, software and AI R&D.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at nebius? Share your experience