Security Automation Engineer (SOAR)

Nebius
IL
On-site

Who this role is best for

Best suited to mid-level security automation engineers with Python and SOAR platform experience working in AI-driven cloud environments.

Best fit for

  • Engineers who thrive in greenfield automation projects with architectural influence.
    — “Build automation capabilities in a greenfield environment
  • Candidates eager to prototype AI-assisted security workflows beyond traditional SOAR.
    — “Actively build and evaluate AI/LLM and agent-based workflows
  • Hands-on builders comfortable integrating multiple security platforms via APIs.
    — “Develop integrations using REST APIs, webhooks, and event-driven architectures

Things to consider

  • Expectation to collaborate closely with SOC analysts on workflow translation.
    — “Work closely with SOC analysts and incident responders

How to stand out

  • Showcase production-grade Python samples beyond SOAR platform configuration.
    — “Write high-quality, maintainable Python for automation and orchestration
  • Highlight specific cloud security integrations you've built from scratch.
    — “Experience with at least one cloud platform
  • Demonstrate proactive AI prototyping with security workflow applications.
    — “Prototype AI-assisted enrichment, triage, and response solutions
Pace · SteadyCollaboration · HighAutonomy · MediumDecision Impact · TeamLevel · Senior

Derived from job-description analysis by Serendipath's career intelligence engine.

What success looks like

  • designing and developing automation workflows
  • building integrations
Typical background
security automationSOAR platforms

Skills & requirements

Required

SOAR PlatformsPythonREST Apis

Preferred

Ai/ml In SecurityLLM

Stack & domain

Soar PlatformsPythonRest ApisWebhooksEvent-driven ArchitecturesData ParsingEnrichmentTransformationAILLMAgent-based WorkflowsCuriousDriving VoiceEvolve Next-generation Automation And Response WorkflowsSecurity OperationsIncident ResponseAutomationAi Integration

About the role

Original posting from Nebius

About Nebius:

Nebius is leading a new era in cloud infrastructure for the global AI economy. We are building a full-stack AI cloud platform that supports developers and enterprises from data and model training through to production deployment, without the cost and complexity of building large in-house AI/ML infrastructure.

Built by engineers, for engineers. From large-scale GPU orchestration to inference optimization, we own the hard problems across compute, storage, networking and applied AI.

Listed on Nasdaq (NBIS) and headquartered in Amsterdam, we have a global footprint with R&D hubs across Europe, the UK, North America and Israel. Our team of 1,500+ includes hundreds of engineers with deep expertise across hardware, software and AI R&D.

The role

We are looking for a skilled Security Automation Engineer to join our SOC Automation team and play a key role in building and scaling automation across Security Operations. This is a hands-on role — you will design, develop, and integrate automation solutions across SIEM, EDR, and other security platforms, contributing to our SOAR capabilities from the ground up. 

You will work in a technologically rich environment, integrating with a wide range of security and infrastructure systems across the network — a unique opportunity to build automation at scale in a greenfield setting, with real influence over the architecture and tooling decisions. 

We are especially interested in candidates who are curious about leveraging AI and intelligent agents to help evolve next-generation automation and response workflows — and who want to be a driving voice in how we apply those technologies. 

Your responsibilities will include: 

Automation development 

Design and develop automation workflows for incident response and SOC operations 

Identify and eliminate manual processes through scalable automation 

Build reusable components and maintainable automation patterns 

Engineering & integration 

Develop integrations using REST APIs, webhooks, and event-driven architectures 

Write high-quality, maintainable Python for automation and orchestration 

Implement data parsing, enrichment, and transformation across multiple systems 

SOAR & platform buildout 

Lead or actively contribute to the evaluation, selection, and implementation of SOAR/automation platforms 

Design the automation architecture and integration strategy for the team 

Build automation capabilities in a greenfield environment — your decisions will shape the foundation 

SOC collaboration 

Work closely with SOC analysts and incident responders to translate operational needs into automation solutions 

Improve end-to-end detection and response workflows through close partnership with the team 

AI & innovation 

Actively build and evaluate AI/LLM and agent-based workflows applied to security automation 

Prototype AI-assisted enrichment, triage, and response solutions and drive them toward production 

We expect you to have: 

Minimum 3 years of hands-on experience with SOAR platforms (e.g., Torq, Cortex XSOAR, Splunk SOAR, or similar) 

Strong hands-on experience with Python (or a comparable language) 

Experience designing or implementing automation frameworks or workflows 

Experience building integrations using REST APIs and web services 

Experience working with security tools such as SIEM, EDR/XDR, or ticketing systems 

Experience with at least one cloud platform (Azure, AWS, or GCP) 

Solid understanding of incident response processes and SOC alert-handling workflows 

Experience with at least one SIEM platform (Splunk,Sentinel,Qradar,Crowdstrike) 

 

It will be an added bonus if you have:  

Experience with CI/CD pipelines and DevOps practices 

Familiarity with cloud-native services and architecture 

Hands-on exposure to AI/ML, LLMs, or agent-based systems

Has a strong hands-on engineering mindset — you build, not just advise 

Is proactive, solution-oriented, and detail-focused 

Is genuinely curious about AI and intelligent agents, not just aware of them 

Collaborates well with both technical and operational teammates 

Benefits & Perks:

Competitive compensation

Career growth and learning opportunities

Flexibility and work-life balance

Collaborative and innovative culture

Opportunity to work on impactful AI projects

International environment and talented teams

What's it like to work at Nebius:

Fast moving - Bold thinking - Constant growth - Meaningful impact - Trust and real ownership - Opportunity to shape the future of AI 

Equal Opportunity Statement:

Nebius is an equal opportunity employer. We are committed to fostering an inclusive and diverse workplace and to providing equal employment opportunities in all aspects of employment. We do not discriminate on the basis of race, color, religion, sex (including pregnancy), national origin, ancestry, age, disability, genetic information, marital status, veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by applicable law.

Applicants must be authorized to work in the country in which they apply and will be required to provide proof of employment eligibility as a condition of hire. 

If you need accommodations during the application process, please let us know.

Source: Nebius careers

Similar roles