Junior SOC Automation Engineer

Role Summary

We are looking for a Junior SOC Automation Engineer who can actively contribute to building and maintaining automation workflows within our Security Operations Center. You will work at the intersection of cybersecurity and engineering — turning repetitive analyst tasks into reliable, automated pipelines using real security tooling and scripting.

Key Responsibilities

• Build and maintain automation playbooks for alert triage, IOC enrichment, ticket creation, and escalation workflows using platforms like n8n, Tines, or XSOAR.
• Develop Python/PowerShell scripts for API integrations, log parsing, and automated response actions.
• Integrate security tools including SIEM, EDR, threat intel platforms (VirusTotal, AbuseIPDB), and ticketing systems (Jira, ServiceNow) via REST APIs.
• Parse and normalize data across JSON, Syslog formats for use in automation pipelines.
• Handle webhook configurations and event-driven triggers for real-time automation.
• Troubleshoot failed workflows, perform root cause analysis, and maintain pipeline reliability.
• Handle webhook configurations and event-driven triggers for real-time automation.
• Troubleshoot failed workflows, perform root cause analysis, and maintain pipeline reliability.
• Document all workflows, playbooks, and API configurations in a Git repository.
• Collaborate with SOC analysts to identify manual processes suitable for automation.

Required Qualifications

• Technical Skills — Must Have
• Proficiency in Python/JS scripting — API calls, data parsing, error handling
• Strong understanding of REST APIs — authentication (API keys, OAuth, Bearer tokens), request handling, and response parsing
• Solid grasp of JSON and data transformation across formats.
• Comfort with Linux CLI — log inspection, file handling, running scripts.
• Basic understanding of networking fundamentals — DNS, HTTP/S, ports, protocols.
• Awareness of common attack types and IOCs — phishing, malware, brute force
• Tools — Exposure Expected.
• Conceptual understanding of what a SIEM is and how it functions — log aggregation, alert generation, correlation rules, and its role in a SOC environment. Hands-on exposure is a plus.
• Basic Git usage — commits, branching, pull requests.

Key Competencies

• Strong debugging and troubleshooting mindset.
• Ability to translate analyst requirements into automation logic
• High attention to detail in workflow design and script output
• Self-driven with ability to take ownership of tasks end-to-end
• Eagerness to continuously learn new tools and techniques

Qualifications

• Bachelor' degree in technical background.

Additional Information

Candidates can apply to recruitment@safeaeon.com