Lead SOAR Automation Engineer

Job Description

The Lead SOAR Automation Engineer will be a pivotal member of the Versant Cyber Defense Operations Team. This individual will lead the development, deployment, and optimization of Security Orchestration, Automation, and Response (SOAR) capabilities to enhance incident response efficiency and reduce manual workloads across the cybersecurity organization.

This role requires deep technical expertise in security automation, scripting, and orchestration platforms. The engineer will collaborate with incident response, threat intelligence, internal investigations, and vulnerability management teams to design automated workflows that streamline detection, triage, and remediation processes. The ideal candidate will be a strategic thinker with hands-on experience in building scalable automation solutions and integrating them into complex enterprise environments.

Responsibilities

• Design, develop, and maintain SOAR playbooks and automation workflows using platforms such as Palo Alto Cortex XSOAR, Splunk Phantom, or similar
• Collaborate with SOC analysts, incident responders, vulnerability management analysts, and investigation analysts to identify automation opportunities and translate them into technical solutions
• Inform Cyber Leadership of all changes, and modifications to the SOAR platform
• Integrate SOAR tools with SIEM, ticketing systems, threat intelligence platforms, and other security technologies
• Continuously improve automation logic based on feedback, threat trends, and operational metrics
• Ensure playbooks are aligned with incident response procedures and compliance requirements
• Provide technical leadership and mentorship to junior automation engineers
• Document workflows, configurations, and operational guidelines for SOAR processes
• Support incident response efforts by rapidly deploying automation during active investigations
• Evaluate emerging SOAR technologies and recommend enhancements to existing infrastructure

• 5+ years of experience in cybersecurity, with 2+ years focused on SOAR engineering or automation
• Proficiency in Python, JavaScript, or other scripting languages used in automation
• Experience with SOAR platforms such as Cortex XSOAR, Splunk Phantom, IBM Resilient, or similar
• Strong understanding of incident response, threat detection, and security operations workflows
• Familiarity with REST APIs, JSON, and integration of disparate security tools
• Knowledge of SIEM platforms (e.g., Splunk, QRadar), EDR tools, and threat intelligence feeds
• Ability to communicate technical concepts to both technical and non-technical audiences
• Experience working in cloud environments (AWS, Azure, GCP) and automating cloud security tasks
• Relevant certifications (e.g., CISSP, GCIA, GCIH, SOAR-specific credentials) preferred

Desired Characteristics

• Highly collaborative and self-motivated
• Strong problem-solving and analytical skills
• Passion for automation and improving operational efficiency
• Ability to thrive in a fast-paced, dynamic environment
• Interest in media and entertainment industry is a plus

Additional Requirements:

• Fully Remote: This position has been designated as fully remote, meaning that the position is expected to contribute from a non-Versant worksite, most commonly an employee’s residence.

This position is eligible for company sponsored benefits, including medical, dental and vision insurance, 401(k), paid leave, tuition reimbursement, and a variety of other discounts and perks. Learn more about the benefits offered by NBCUniversal by visiting the Benefits page of the Careers website. Salary range: $145,000 - $175,000 (bonus eligible)

We are accepting applications for this position on an ongoing basis.

As part of our selection process, external candidates may be required to attend an in-person interview with an NBCUniversal employee at one of our locations prior to a hiring decision. NBCUniversal's policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law.

If you are a qualified individual with a disability or a disabled veteran and require support throughout the application and/or recruitment process as a result of your disability, you have the right to request a reasonable accommodation. You can submit your request to AccessibilitySupport@nbcuni.com.

Although you'll be hired as an NBCU employee, your employment and the responsibilities associated with this job likely will transition to Versant in the future. By joining at this pivotal time, you'll be a part of this exciting company as it takes shape.

NBCUniversal is one of the world's leading media and entertainment companies. We create world-class content, which we distribute across our portfolio of film, television, and streaming, and bring to life through our theme parks and consumer experiences. We own and operate leading entertainment and news brands, including NBC, NBC News, MSNBC, CNBC, NBC Sports, Telemundo, NBC Local Stations, Bravo, USA Network, and Peacock, our premium ad-supported streaming service. We produce and distribute premier filmed entertainment and programming through Universal Filmed Entertainment Group and Universal Studio Group, and have world-renowned theme parks and attractions through Universal Destinations & Experiences. NBCUniversal is a subsidiary of Comcast Corporation.

Our impact is rooted in improving the communities where our employees, customers, and audiences live and work. We have a rich tradition of giving back and ensuring our employees have the opportunity to serve their communities. We champion an inclusive culture and strive to attract and develop a talented workforce to create and deliver a wide range of content reflecting our world.

Comcast NBCUniversal has announced its intent to create a new publicly traded company ('Versant') comprised of most of NBCUniversal's cable television networks, including USA Network, CNBC, MSNBC, Oxygen, E!, SYFY and Golf Channel along with complementary digital assets Fandango, Rotten Tomatoes, GolfNow, GolfPass, and SportsEngine. The well-capitalized company will have significant scale as a pure-play set of assets anchored by leading news, sports and entertainment content. The spin-off is expected to be completed during 2025.