GROW YOUR CAREER WITHIN STEFANINI

Advanced Search
 

<< Back to Job Search Results

Job Details

Cybersecurity Automation Engineer (Alabang)

Job ID#:

62099

Job Category:

Cyber Security Engineer

Location:

Alabang,  Philippines

Position Type:

Full Time

 
Job Description

About the role
 
 You will join our Cybersecurity Automation team to eliminate repetitive tasks, accelerate incident response, and measurably reduce risk. You will be the hands-on expert designing, developing, and operating automations on SOAR low-code/no-code platforms such as Tines, Torq, and n8n, optimizing detection and response workflows, and enabling seamless integration between security systems.

 What you'll do
  • Design and build automation workflows (playbooks) in Tines, Torq, and n8n to enrich alerts, perform triage, notifications, containment, and post-incident tasks (e.g., block indicators, disable accounts, isolate endpoints).
  • Integrate security tools and ecosystems: EDR/XDR, firewalls, threat intelligence feeds, cloud platforms, identity stores, messaging (Teams/Slack), and evidence repositories.
  • Ensure reliability of automations: robust error handling, retries, health checks, observability (logs/metrics), and secure secrets management.
  • Improve detection-to-response flow: enrich alerts, reduce false positives, and streamline handoffs between SIEM, SOAR, and ticketing systems (ServiceNow, Jira, etc.).
  • Governance and SDLC: version control (Git), code reviews, CI/CD, change management, documentation, and runbook creation.
  • Enable the SOC: create reusable automation building blocks, document playbooks, and train analysts for safe operation.

 
Job Requirements
 

What do you need to succeed?

  • 3+ years of experience in cybersecurity automation, preferably with SOAR low-code/no-code platforms (Tines, Torq, n8n) or equivalent experience in developing security integrations.
  • Strong automation engineering skills: event parsing, enrichment patterns, containment actions, webhooks, OAuth, REST API integrations.
  • Proficiency in scripting/automation (Python, JavaScript, or similar); fluent in JSON and event-driven patterns.
  • Experience with version control (Git) and familiarity with CI/CD; writing clean, tested, maintainable code.
  • Clear and effective communication with technical teams and stakeholders.
     

Nice to have

  • KQL (Microsoft Sentinel analytics, hunting, watchlists, data connectors).
  • Experience with SIEM/SOAR (Microsoft Sentinel, Splunk, etc.).
  • Knowledge of cloud automation (Azure, AWS, GCP).
  • Familiarity with EDR/XDR, TIPs, and common incident response tools.
  • Experience integrating ticketing systems (ServiceNow, Jira) and messaging platforms (Teams, Slack).
  • Knowledge of Infrastructure as Code (Terraform, ARM, Bicep).
  • Security operations mindset: incident lifecycle, SOC workflows, MITRE ATT&CK, and continuous improvement of MTTR.

 

Languages: English (High level)

Qualifications

  • Bachelor's degree in computer science/engineering or equivalent hands-on experience.
  • Minimum 3 years working on Automation.
  • Desired certifications: SC-100, AZ-500, AZ-400, or other relevant cybersecurity and automation certifications.

#LI-LD1  #LI-HYBRID


Pay Range:

Based on Experience

 


 

  Already have an account? Log in here


© Stefanini Group  |   PRIVACY POLICY