Calian logo

Security Automation Engineer

Calian Houston, Texas, United States

remotefull-time

Salary: $70,000 - $92,000 / year

Posted Mar 7, 2026Apply by Apr 6, 2026

  • Role & seniority

    • Security Automation Engineer (mid to senior level)

  • Stack/tools

    • Torq (preferred) or Cortex XSOAR

    • REST APIs (JSON, webhooks)

    • Power BI (executive dashboards)

    • Python scripting

    • EDR, SIEM, firewall, IAM, email security, cloud platforms

    • Multi-tenant MSSP environments

  • Top 3 responsibilities

    • Design, build, and maintain advanced, modular SOAR automation workflows; implement automated enrichment, triage, containment, and remediation

    • Develop AI-assisted decision support and agentic automation (LLM-powered alert summarization, dynamic investigation-driven actions, human-in-the-loop controls)

    • Create automation performance reporting and executive dashboards; track MTTR, alert reduction, false positives, and multi-tenant metrics

  • Must-have skills

    • 4+ years in Security Operations or Security Engineering; 3+ years hands-on SOAR experience

    • Direct Torq experience (strongly preferred) or Cortex XSOAR with adaptability

    • Experience building dashboards in Power BI

    • Strong SOC workflow knowledge and incident response lifecycle

    • API integration experience (REST, JSON, webhooks); Python scripting

    • Experience in multi-tenant MSSP environments (preferred)

  • Nice-to-haves

    • AI/LLM integration into automation workflows

    • Security metrics program design; executive security reporting

    • Familiarity with CrowdStrike, Palo Alto, Fortinet, Microsoft Defender, modern SIEMs, email security

    • MITRE ATT&CK knowledge

  • Loc

Full Description

Position Overview

We are seeking a Security Automation Engineer with strong experience in Torq (preferred) or Cortex XSOAR to architect and evolve our automation ecosystem.

This role extends beyond playbook creation. You will

Engineer intelligent, AI-assisted automation workflows Develop agentic SOC orchestration strategies Own automation performance reporting and metrics Build client-facing and executive dashboards in Power BI

This is a high-impact engineering role that sits at the intersection of security operations, applied AI, and operational intelligence.

Responsibilities

SOAR & Automation Engineering

Design and maintain advanced workflows in Torq (preferred) Develop modular, reusable automation templates for MSSP multi-tenancy Implement automated enrichment, triage, containment, and remediation workflows Engineer conditional and parallel logic to optimize MTTR Integrate APIs across EDR, SIEM, firewall, IAM, email security, and cloud platforms Maintain workflow logging, observability, and reliability

AI & Agentic Automation

Design AI-assisted decision support within SOC workflows Implement LLM-powered alert summarization and investigation assistance

Build agentic workflows that

Adapt dynamically based on investigation findings Execute conditional response strategies Escalate with intelligent human-in-the-loop controls Evaluate and integrate emerging AI automation capabilities within Torq Define safe operational boundaries for AI-driven actions

Reporting & Operational Intelligence

Develop automation performance dashboards within the SOAR platform

Track and report on

  • Alert volume reduction
  • Automation success rate
  • MTTR improvement
  • False positive reduction
  • Tier 1 workload reduction
  • Build and maintain executive-level dashboards in Power BI

Integrate data from

  • SOAR
  • SIEM
  • EDR
  • Ticketing systems
  • Design multi-tenant reporting models suitable for MSSP client delivery
  • Translate technical SOC metrics into executive-ready security outcomes

SOC Optimization & Scale

Identify high-volume, high-toil alert categories for automation Build approval-gated containment workflows Implement automation change control processes Partner with SOC leadership to continuously improve operational maturity

Other duties as required within the context of the role.

Qualifications

4+ years in Security Operations or Security Engineering

3+ years hands-on SOAR experience Direct experience with Torq (strongly preferred)

Cortex XSOAR acceptable with demonstrated adaptability

Experience building dashboards in Power BI Strong understanding of SOC workflows and incident response lifecycle Experience integrating REST APIs (JSON, webhooks) Proficiency in Python scripting Experience working in a multi-tenant MSSP environment (preferred)

Preferred Experience

Experience integrating AI/LLMs into automation workflows Experience designing security metrics programs

Familiarity with

  • CrowdStrike
  • Palo Alto
  • Fortinet
  • Microsoft Defender
  • Modern SIEM platforms
  • Email Security
  • Experience designing executive security reporting
  • Knowledge of MITRE ATT&CK

Must be eligible to work for any U.S. employer without the need for sponsorship now or in the future.

Compensation

This role offers a base salary range of $70,000–$92,000.

Vacancy

We have 1 available position(s).

TorqCortex XSOARAI-Assisted AutomationSOC OrchestrationPower BIWorkflow EngineeringAPI IntegrationPython ScriptingIncident ResponseLLMMTTR OptimizationMSSP Multi-tenancySIEMEDRIAMChange Controlmulti-location

Cookies & analytics consent

We serve candidates globally, so we only activate Google Tag Manager and other analytics after you opt in. This keeps us aligned with GDPR/UK DPA, ePrivacy, LGPD, and similar rules. Essential features still run without analytics cookies.

Read how we use data in our Privacy Policy and Terms of Service.