SOAR Automation Specialist with Torq

SOAR Automation Specialist with Torq
Duration: 12 Months
Location: Remote

• Assess existing SOAR implementations (e.g., XSOAR) to map, redesign, and migrate playbooks to Torq.
• Build and maintain security workflows using Torq s low-code visual interface and APIs.
• Integrate with third-party tools such as SIEMs (Splunk, Sentinel), EDR (CrowdStrike, Defender), ITSM (ServiceNow, Jira), IAM (Okta, Azure AD), and threat intel sources.
• Collaborate with SecOps teams to automate incident response, alert triage, enrichment, case management, and notifications.
• Provide documentation and knowledge transfer to internal teams and clients.
• Support ongoing improvement and tuning of automation workflows based on feedback and KPIs.
• Contribute to the evaluation and implementation of AI-enhanced automation and dynamic decisioning.

• 2+ years of experience in SOAR platforms (Torq, XSOAR, Tines, Swimlane, or Siemplify).
• Strong understanding of incident response and SOC operations.
• Proficiency in Torq platform or equivalent low-code/no-code automation tools.
• Experience with API integrations, webhooks, JSON, and REST.
• Familiarity with security alerting and enrichment workflows.
• Experience with CI/CD tools (GitHub, Bitbucket, Jenkins) and automation pipelines is a plus.
• Ability to work with structured and unstructured data for dynamic playbook logic.
• Comfortable working in cloud-native and hybrid environments (Azure, AWS, Google Cloud Platform).

• Background in security engineering, SecOps, or DevSecOps.
• Experience migrating from Cortex XSOAR (ideally involving large-scale or multi-playbook environments).
• Familiarity with Torq Academy content or completion of Torq s internal training modules.
• Working knowledge of threat intelligence, MITRE ATT&CK, and security use case design.
• Scripting ability (e.g., Python, JavaScript, Bash) is a plus but not required.