Company
Proficio logo

Proficio

www.proficio.com
Location

Remote, but you must be in the following location

  • 🇮🇳 India
Apply

Security Automation Engineer

Description

**DESCRIPTION
** Proficio is an award-winning managed detection and response (MDR) services provider. We provide 24/7 security monitoring, investigation, alerting and response services to organizations in healthcare, financial services, manufacturing, retail and other industries. Take a video tour of our global network of 24/7 Security Operations Centers (SOCs).

Proficio has been highlighted in Gartner’s Market Guide for Managed Detection and Response Services for the last five consecutive years. MSSP Alert ranks Proficio among the top 250 global Managed Security Services Providers (MSSPs).

We have a track record of innovation. Proficio invented the concept of SOC-as-a-Service. We were the first MSSP to provide automated response services and are the only company in our space with a patent for cyber risk scoring and security posture gap analysis.

Our typical client is a medium to large-sized organization that lacks the in-house resources to address the challenges of a rapidly changing threat landscape. The difficulty of hiring and retaining cybersecurity professionals are widely understood. Our prospective clients are also challenged to effectively harness technology and build hardened processes that reduce the risk of security breaches.

While Proficio has developed a unified service delivery platform designed to meet the needs of the most demanding clients, what sets us apart is the quality and passion of our people. We believe the SOC of the Future will meld the creativity of human intelligence with the power of advanced technologies like AI.

Proficio’s commitment to developing and promoting our team members is unparalleled in our industry. Most of our senior managers were promoted from within.

SUMMARY

We are looking for a skilled and motivated Security Automation Engineer to join our cybersecurity team. In this role, you will be responsible for designing, developing, and managing advanced incident response automations across platforms, with a strong emphasis on Cisco XDR and Microsoft Sentinel (LogicApps).

The ideal candidate will have hands-on experience automating SOC operations, solid programming knowledge, and a deep understanding of incident response workflows. You’ll work closely with SOC, Engineering, and DevOps teams to improve detection, triage, and remediation using scalable automation pipelines.

Key Responsibilities

  • Design and build complex incident response playbooks in Cisco XDR to automate SOC workflows.

  • Develop advanced Microsoft Sentinel LogicApps for alert triage, enrichment, response actions, and workflow orchestration.

  • Build secure and maintainable automation services using Python (Flask), Bash, and optionally Ruby, Java, or C/C++.

  • Create custom integrations with third-party platforms via REST APIs, webhooks, and SDKs.

  • Maintain logging, error handling, and observability across automation flows to ensure reliability and traceability.

  • Collaborate with SOC teams and threat analysts to identify and prioritize automation use cases.

  • Document architecture, technical logic, API references, and operational runbooks for automations.

Requirements

Security Automation & XDR

  • Hands-on experience with Cisco XDR is mandatory, including custom automation workflows and API integrations.

  • Overall experience of 3-4+ years' security engineering and automation required

  • Experience developing automation playbooks using Microsoft Sentinel LogicApps.

SOAR/XDR Experience (Preferred)

  • Experience with any of the following is a strong plus:

    • FortiSOAR

    • Tines

    • Cortex XSOAR or Cortex XDR

    • Splunk SOAR

Programming & Scripting

  • Strong proficiency in Python, particularly with Flask for API development.

  • Solid scripting experience with Bash.

  • Working knowledge of Ruby, Java, C, or C++ is a plus.

Integration & LogicApps Automation

  • Experience with REST APIs, OAuth2, JWT, and secure API integrations.

  • Familiarity with Git, version control practices, and CI/CD for automation pipelines.

  • Proficient in building robust LogicApps workflows with:

    • Error handling, retry policies, parallelism, and condition-based logic

    • Variable and expression management

    • Adaptive Cards and user interaction in Teams

    • Integration with Azure services such as Key Vault, Azure Table Storage, Blob Storage, or Cosmos DB for referencing and maintaining state across automations

Systems & Operations

  • Strong hands-on experience with Linux: command-line utilities, scripting, services, and troubleshooting.

  • Experience in debugging LogicApps, resolving integration issues, and handling production-grade automations.

Soft Skills

  • Self-motivated and able to work independently or with distributed teams.

  • Strong analytical and problem-solving mindset.

  • Excellent verbal and written communication skills, including documentation.

Preferred Certifications (Nice to Have)

  • Microsoft (e.g., SC-200, AZ-500) or Cisco Security Certifications

  • Certifications in SOAR, cloud security, or cybersecurity operations

What You’ll Gain

  • Opportunity to work on cutting-edge automation in a modern security operations environment

  • Exposure to advanced SOAR and XDR platforms

  • Collaborative culture focused on innovation, learning, and growth

Benefits

  • Opportunity to work in a progressive organization with structured training and roadmap for success

  • Health benefits, lunches, gym reimbursement, and internet funding for our India staff!

  • Experience in one of the hottest IT industries today

Proficio is an EOE employer.

Proficio collects certain personal information upon your submission of an application for an open position. More information is available about your consumer rights and our privacy policy at www.proficio.com/privacypolicy