SOAR Engineer

Thanks for the click! We know your time is valuable so we will get right to it.

We’ve amassed some of the best and brightest minds in cyber security who are passionate about protecting the digital world. Our team blends advanced technology alongside deep expertise to tackle the toughest cyber threats out there. Put simply, our mission is to stay ahead of the curve and create a safer digital landscape for our partners, and we believe adding a SOAR Engineer will up our cyber game.

In SilverSky, we believe that every organization, regardless of size, deserves an enterprise-class cybersecurity program. We deliver world leading products and services for Managed Detection & Response, Endpoint Protection, Vulnerability Management, Email Protection, Security Device Management, Professional Services, Incident Response, and Security Partnerships.

We’ve built a strong team of high performing security experts and support staff, and we’re constantly looking for new talent in our global sites - Raleigh (US), Fort Lauderdale (US), and Manila (PH). Our goal is to be the #1 customer focused organization in the cyber security industry, by continually delivering demonstrable customer security value through all of our partnerships, products, and services.

We’re currently recruiting for roles in our Security Operations Centre for a SOAR Engineer. As a SOAR Engineer , you will play a critical role in the development and management of our security automation infrastructure. Your work will directly enhance our MDR capabilities by enabling faster and more consistent incident response and client outcomes through FortiSOAR. This role requires a deep understanding of SOAR principles, strong scripting skills, and the ability to work in a fast-paced, multi-tenant environment.

The role is based upon a 9am-5pm ET shift, supporting our Global SOC customers.

What you will be doing:

• Design, build, and maintain FortiSOAR playbooks to support automated detection, triage, containment, and response workflows across multiple customers.


• Develop and manage integrations between FortiSOAR and various technologies (SIEMs, EDR, ticketing platforms, threat intel sources, etc.).


• Collaborate with SOC analysts, SIEM Engineers, and MDR leads to identify automation opportunities and translate operational requirements into scalable SOAR use cases.


• Maintain and optimize FortiSOAR data models, dashboards, reports, and case management features in a multi-tenant architecture.


• Perform quality assurance and continuous improvement of SOAR workflows to reduce false positives and increase analyst efficiency.


• Develop and maintain documentation, including playbook logic, integration configurations, and operational runbooks.


• Ensure uptime, health, and performance of the FortiSOAR platform and related services.


• Participate in after-action reviews to identify gaps and develop new playbooks or enhancements based on real-world incidents.

What does it take to succeed in this role:

• 3+ years of experience in a Security Operations Center (SOC), threat response, or similar role.


• 2+ years of hands-on experience with FortiSOAR , including custom playbook creation, connectors, and REST API integration.


• Strong Python scripting skills and familiarity with JSON, YAML, and REST APIs.


• Experience supporting multi-tenant environments or MSSP/MDR operations.


• Solid understanding of security technologies such as SIEM (e.g., Splunk, QRadar), EDR (e.g., SentinelOne, CrowdStrike, Cynet), firewall, IDS/IPS, and threat intel platforms.


• Proven ability to document technical processes clearly and effectively.


• Experience with other SOAR platforms (e.g. Cortex XSOAR, Swimlane, Tines) is a plus.


• Knowledge of ITSM/ticketing integrations (e.g., ServiceNow, Jira).


• Understanding of compliance frameworks such as HIPAA, PCI-DSS, or NIST CSF.


• Familiarity with incident response frameworks (e.g., NIST, MITRE ATT&CK).

In addition to the technical expertise, we expect respect, opinions, and thoughtful input.

How do we work:

Our 3 values define how we operate internally as well as externally:

• Vision - We embrace a forward-thinking mindset. Our team has a clear and inspiring picture of the future that helps drive our decisions towards creating and delivering world-class security services.


• Velocity - We have a bias for action. We move swiftly and with purpose toward our goals and objectives and can easily adapt (and adjust) along the way.


• Vigilance – We foster a culture of proactive awareness for our company and our customers, who trust us to be an extension of their team. We are always looking for areas where we can innovate, improve, fix, transform and revolutionize, which ensures the protection, safety and success of everyone at SilverSky.

Individuals that can act intelligently and confidently without an ego will thrive.

If this sounds interesting and you are passionate about redefining how the world thinks about cyber security, we want to hear from you. Apply now if you are interested in learning more about how we can change the rules of engagement, together.

About SilverSky

We are a global cyber security company with more than 20 years of professional experience in the industry. Our 300+ employees are on a mission to protect our customers with comprehensive, adaptive security services that maximize technology and automate responses, while empowering security analysts to hunt for threats, react and respond immediately. It’s the human enhanced response that differentiates SilverSky and allows us to create the most comprehensive managed detection and response (MxDR) solution in the industry by delivering on our Vision, Velocity, Vigilance philosophy. Follow us on LinkedIn and X .