Haystack
← Back to Jobs
Remote
Technology

Automation / Orchestration / Security Engineer ::: 100% Remote

REDLEO SOFTWARE INC.United States🇺🇸United StatesPosted 10 Jul 2026

Quick Overview

Work Type
Remote
Level
Mid Senior

Job Description

Job Description: Automation / Orchestration / Security Engineer

Full Time

Remote

 

Position Overview

This position is hands-on and requires strong engineering fundamentals, security domain knowledge, and an automation-first mindset. The engineer will build integrations, develop playbooks/runbooks, and help mature detection-to-response processes with a focus on scalability, safety, and governance.

Key Responsibilities

Own the design and delivery of security automation and orchestration capabilities that improve response time, consistency, and quality across security workflows.

  • Develop and maintain SOAR playbooks for alert triage, enrichment, containment, and remediation.
  • Build and manage automation integrations with security tooling (SIEM, EDR/XDR, IAM, ticketing, vulnerability management, cloud security) using APIs, webhooks, and event-driven architectures.
  • Create reusable automation components (scripts, libraries, templates) with appropriate error handling, retries, logging, and observability.
  • Collaborate with SOC analysts and Incident Response to translate procedures into automated runbooks; ensure safe execution with approval gates where needed.
  • Design automation with governance: role-based access controls, change management, auditability, and documentation.
  • Partner with engineering and infrastructure teams to automate security controls and guardrails (policy-as-code, compliance checks, hardening, configuration drift remediation).
  • Support incident response by developing rapid automation for containment and evidence collection (while maintaining chain-of-custody and logging requirements).

 

Required Qualifications

Candidates must demonstrate strong automation engineering skills, comfort working with APIs and distributed systems, and practical security knowledge relevant to modern enterprise environments.

  • 3+ years of experience in automation engineering, security engineering, security operations engineering, or a related role.
  • Proficiency in at least one scripting/programming language (Python preferred; PowerShell,  or JavaScript).
  • Experience with Automation and Orchestration tools like Ansible, Itential, Aria Orchestrator or similar product.
  • Hands-on experience designing and implementing automation using APIs (REST/JSON), webhooks, and authentication methods (OAuth2, tokens, mutual TLS).
  • Working knowledge of SIEM concepts (log ingestion, correlation, queries) and SOC processes (triage, escalation, incident handling).
  • Strong understanding of core security domains: IAM, endpoint security, network security, vulnerability management, and cloud security fundamentals.
  • Experience with Git-based workflows and software engineering practices (code review, branching strategies, testing).
  • Ability to document solutions clearly (runbooks, diagrams, operating procedures) and communicate effectively with technical and non-technical stakeholders.


Preferred Qualifications and Technical Skills

  • Experience with vulnerability management automation (ticketing workflows, remediation tracking, exception handling, SLA reporting).
  • Cloud platform experience (AWS, Azure, and/or Google Cloud Platform), including security services and identity models.
  • Container and Kubernetes security familiarity
  • Experience integrating with EDR/XDR tools and automating response actions (isolation, kill process, quarantine).
  • Familiarity with ITSM and workflow tools (ServiceNow, Jira) and structured change management.

Skills

AWS
Ansible
Azure
Git
Google Cloud
JavaScript
Jira
Kubernetes
PowerShell
Python
REST
SAFe

Similar jobs