Jobs · Engineering

Technical Lead-Cybersecurity

Birlasoft · Alpharetta, GA · 5 days ago
EngineeringFull-time

Key Responsibilities

  • Own the design and delivery of security automation and orchestration capabilities that improve response time, consistency, and quality across security workflows.
  • Develop and maintain SOAR playbooks for alert triage, enrichment, containment, and remediation.
  • Create and manage automation integrations with security tooling (SIEM, EDR/XDR, IAM, ticketing, vulnerability management, cloud security) using APIs, webhooks, and event-driven architectures.
  • Build reusable automation components (scripts, libraries, templates) with appropriate error handling, retries, logging, and observability.
  • Collaborate with SOC analysts and Incident Response to translate procedures into automated runbooks; ensure safe execution with approval gates where needed.
  • Design automation with governance: role-based access controls, change management, auditability, and documentation.
  • Partner with engineering and infrastructure teams to automate security controls and guardrails (policy-as-code, compliance checks, hardening, configuration drift remediation).
  • Support incident response by developing rapid automation for containment and evidence collection (while maintaining chain-of-custody and logging requirements).

Required Qualifications

  • Demonstrate strong automation engineering skills, comfort working with APIs and distributed systems, and practical security knowledge relevant to modern enterprise environments.
  • 3+ years of experience in automation engineering, security engineering, security operations engineering, or a related role.
  • Proficiency in at least one scripting/programming language (Python preferred; PowerShell, or JavaScript).
  • Hands-on experience designing and implementing automation using APIs (REST/JSON), webhooks, and authentication methods (OAuth2, tokens, mutual TLS).
  • Working knowledge of SIEM concepts (log ingestion, correlation, queries) and SOC processes (triage, escalation, incident handling).
  • Strong understanding of core security domains: IAM, endpoint security, network security, vulnerability management, and cloud security fundamentals.
  • Experience with Git-based workflows and software engineering practices (code review, branching strategies, testing).
  • Ability to document solutions clearly (runbooks, diagrams, operating procedures) and communicate effectively with technical and non-technical stakeholders.

Preferred Qualifications And Technical Skills

  • Experience with vulnerability management automation (ticketing workflows, remediation tracking, exception handling, SLA reporting).
  • Cloud platform experience (AWS, Azure, and/or GCP), including security services and identity models.
  • Container and Kubernetes security familiarity.
  • Experience integrating with EDR/XDR tools and automating response actions (isolation, kill process, quarantine).
  • Familiarity with ITSM and workflow tools (ServiceNow, Jira) and structured change management.

Similar jobs

Cybersecurity Lead

Management SolutionsChicago, IL· 2 wk ago
Information Technologyapply on app.jazz.co

Cybersecurity Lead

Integral Federal, Inc.McLean, VA· 1 mo ago
Engineeringapply on careers-integralfed.icims.com

Cybersecurity Lead

American Operations CorporationMontgomery, AL· 1 mo ago
Information Technologyapply on apply.workable.com

Cybersecurity Lead

Hanwha Defense USA, Inc.Huntsville, AL· 2 mo ago
Engineeringapply on workforcenow.adp.com