About ProArch:
At ProArch, we partner with businesses around the world to turn big ideas into better outcomes through IT services that span cybersecurity, cloud, data, AI, and app development.
We’re 400+ team members strong across 3 countries (we call ourselves ProArchians)—and here’s what connects us all:
- A love for solving real business problems
- A belief in doing what’s right
What’s it like to work here?
- You’ll keep growing. You’ll work alongside domain experts who love to share what they know.
- You’ll be supported, heard, and trusted to make an impact.
- You’ll take on projects that touch industries, communities, and lives.
- You’ll have the time to focus on what matters most in your life outside of work.
At ProArch, you’ll be part of teams that design and deliver technology solutions solving real business challenges for our clients. With services spanning AI, Data, Application Development, Cybersecurity, Cloud & Infrastructure, and Industry Solutions, your work may involve building intelligent applications, securing business‑critical systems, or supporting cloud migrations and infrastructure modernization.
Every role here contributes to shaping outcomes for global clients and driving meaningful impact. You’ll collaborate with experts across data, AI, engineering, cloud, cybersecurity, and infrastructure—solving complex problems with creativity, precision, and purpose. You’ll join a culture rooted in technology, curiosity, and continuous learning. A place where we move fast, trust you to make an impact, encourage innovation, and support your growth.
Position Overview
ProArch IT Solutions is seeking a highly motivated and technically skilled Security / SOAR Automation Engineer to join our global cybersecurity operations team supporting a fast-paced Managed Security Services Provider (MSSP) environment. The ideal candidate will possess strong hands-on experience in cybersecurity automation, SOAR platform engineering, SOC workflow orchestration, and security integrations across modern security ecosystems.
This role is heavily focused on designing, implementing, optimizing, and scaling SOC automation capabilities to improve operational efficiency, incident response, alert enrichment, triage automation, threat intelligence utilization, and AI-driven security operations enhancements.
The Engineer will work closely with SOC Operations, Security Engineering, Security Consulting, and Leadership teams to deliver automation initiatives and operational improvements while supporting a globally distributed security environment.
This is a permanently remote opportunity for candidates based in India, aligned primarily to USA Eastern Time (ET) business hours, with flexibility depending on operational requirements.
Key Responsibilities:
SOAR Engineering & Automation
- Design, develop, implement, and maintain SOAR playbooks and automation workflows for SOC operations.
- Build scalable security orchestration workflows for:
  - Alert triage
  - Automated enrichment
  - Threat intelligence correlation
  - Incident response
  - Containment workflows
  - Identity-based investigations
  - Case management
  - Reporting automation
- Implement and maintain integrations between SOAR platforms and various security technologies using APIs, webhooks, SDKs, and custom connectors.
- Develop automation logic to improve SOC efficiency, reduce analyst fatigue, and accelerate Mean Time to Respond (MTTR) and Mean Time to Resolve.
- Support SOAR platform lifecycle management including upgrades, change management, testing, governance, RBAC, and operational maintenance.
- Assist with SOAR platform administration, identity & access management, and environment hardening.
Security Platform Integrations
Hands-on experience integrating and automating workflows involving:
- Microsoft Defender for Endpoint (MDE)
- Microsoft Defender XDR
- Microsoft Defender for Identity (MDI)
- Microsoft Defender for Office 365 (MDO)
- Microsoft Defender for Cloud Apps (MDCA)
- Microsoft Purview
- Microsoft Identity Protection / Entra ID
- CrowdStrike Falcon
- Threat Intelligence platforms
- (Must have) SIEM platforms (Microsoft Sentinel & Defender XDR)
- Graph API
- Ticketing platforms (Datto Autotask preferred)
- Email security solutions
- Endpoint detection & response platforms
- Identity and authentication platforms
- Cloud security solutions
SOC Operations Enhancement
- Work collaboratively with SOC Managers, SOC Team Leads, Analysts, and Security Consultants to identify automation opportunities.
- Create operational enhancements to improve detection engineering, investigation workflows, escalation efficiency, and reporting.
- Assist with scaling SOC operations using automation and AI-driven initiatives.
- Support operational maturity improvements within the SOC environment.
- Participate in incident response automation strategy discussions and implementation planning.
- Contribute to SOC transformation initiatives focused on operational scalability and service optimization.
AI & Advanced Security Operations
- Contribute to AI-enabled SOC initiatives and intelligent automation projects.
- Assist in implementing AI orchestration and automation use cases within security operations.
- Research and evaluate emerging AI and automation technologies relevant to cybersecurity operations.
- Support initiatives focused on autonomous investigation workflows, enrichment intelligence, and analyst assistance capabilities.
Collaboration & Project Coordination
- Coordinate automation initiatives with internal stakeholders and external vendors.
- Work closely with SOAR vendors for implementation support, troubleshooting, optimization, and feature enablement.
- Participate in project planning, implementation tracking, testing, and deployment activities.
- Maintain technical documentation, workflow diagrams, integration references, and operational runbooks.
- Support cross-functional cybersecurity projects and operational improvements.
Requirements
Experience
- Bachelor’s Degree / Graduation in Computer Science, Information Technology, Cybersecurity, Engineering, or a related technical field is mandatory.
- Relevant cybersecurity certifications and automation-focused certifications will be considered an added advantage.
- 3–5 years of overall cybersecurity experience.
- Proven hands-on experience with SOAR platforms in enterprise or MSSP environments.
- Strong experience designing and implementing automation workflows from scratch.
- Experience supporting Security Operations Center (SOC) environments.
- Prior SOC Analyst experience is highly preferred.
- Experience working within Managed Security Services Provider (MSSP) environments preferred.
- Experience supporting or collaborating with US-based teams/vendors preferred.
Technical Skills
- Strong hands-on experience with SOAR technologies.
- Experience with Torq SOAR preferred.
- Strong understanding of:
  - Incident response workflows
  - SOC operations
  - Detection engineering
  - Security orchestration
  - Threat intelligence
  - API integrations
  - Authentication mechanisms
  - Identity-based security workflows
- Experience integrating security tools using:
  - REST APIs
  - JSON
  - Webhooks
  - Python
  - PowerShell
  - Scripting/automation frameworks
- Familiarity with SIEM platforms and alert correlation logic.
- Experience with ticketing systems, preferably Datto Autotask.
- Understanding of endpoint, cloud, identity, and email security ecosystems.
Preferred Qualifications
- Experience implementing AI-driven SOC workflows.
- Exposure to AI orchestration in cybersecurity operations.
- Knowledge of security operations metrics and optimization strategies.
- Experience with security automation governance and change management.
- Exposure to cloud security platforms and SaaS security controls.
- Familiarity with DevSecOps or infrastructure automation concepts.
- Relevant cybersecurity certifications are advantageous, such as Security+, CySA+, GCIH, SC-200, AZ-500, SOAR platform certifications, and Splunk / Microsoft certifications.
Soft Skills & Work Style
- Strong verbal and written communication skills with the ability to work effectively across technical and non-technical teams.
- Excellent collaboration and stakeholder coordination skills across SOC Operations, Engineering, Consulting, Vendors, and Leadership teams.
- Strong documentation and technical writing capabilities for workflows, SOPs, and operational procedures.
- Ability to work independently in a remote-first, multicultural, and fast-paced MSSP environment.
- Self-driven, proactive, and highly organized with strong ownership and accountability.
- Strong analytical, troubleshooting, and problem-solving skills.
- Comfortable managing multiple projects, priorities, and operational initiatives simultaneously.
- Team-oriented mindset with the ability to operate effectively as an individual contributor.
- Professional communication and coordination skills for working with US-based teams and vendors.
- Adaptable and flexible to evolving operational and business requirements.
Work Schedule & Environment
- Primary alignment with USA Eastern Time (ET) business hours.
- Permanent remote working opportunity within India.
- Flexible working model based on operational requirements and project demands.
- Fast-paced MSSP and cybersecurity operations environment.
What Success Looks Like in This Role
- Successful deployment and optimization of SOC automation workflows.
- Measurable reduction in manual SOC effort and alert fatigue.
- Improved operational efficiency and response timelines.
- Reliable integration and orchestration across security ecosystems.
- Contribution toward scalable, AI-enabled cybersecurity operations.
- Strong collaboration with SOC leadership, analysts, engineering, and consulting teams.
- Continuous innovation and operational enhancement within the security operations function.
Life @ ProArch
- At ProArch, we believe our people are the key to our success. That’s why we foster an environment where every employee—known proudly as a ProArchian—can grow, thrive, and make a meaningful impact.
- We empower employees to develop at their own pace through Career Pathways, a clear and supportive guide to professional progression.
- Our culture is one of positivity, inclusivity, and respect. Titles don’t define how we treat each other—every ProArchian is valued equally, and collaboration across roles and teams is the norm.
- We understand that great work starts with balance. That’s why we prioritize work-life harmony, offering flexible work schedules and encouraging time for what matters most.
- Beyond the workplace, ProArchians actively give back—organizing volunteer efforts and charitable initiatives that empower the communities we call home.
- And because we know that extraordinary efforts deserve recognition, we celebrate those who go above and beyond with appreciation programs.
- At ProArch, we’re not just using technology to transform businesses—we’re using it to create a better experience for our people, our clients, and our communities.