Job Title: SOAR Engineer – Microsoft Sentinel & Automation Development
Job Description:
We are looking for a dynamic SOAR Engineer to join our cybersecurity team, specializing in automation and orchestration using Microsoft Sentinel. The ideal candidate will have deep expertise in developing Logic App playbooks and hands-on experience with Power Automate, Power Apps, Python scripting, and Microsoft Security Copilot. This role demands a strong development mindset to build scalable, secure, and efficient automation workflows that enhance incident response and SOC efficiency.
Key Responsibilities:
Design, develop, and maintain SOAR playbooks using Azure Logic Apps in Sentinel.
Automate threat response, enrichment, and remediation tasks by integrating external APIs and tools.
Build custom solutions using Python, Power Automate, Power Apps, and REST APIs.
Collaborate with security analysts to translate manual tasks into automated workflows.
Integrate Microsoft Security Copilot capabilities into response operations.
Maintain version control and documentation of automation logic and scripts.
Ensure proper RBAC and security controls in all automations.
Required Skills:
3+ years of experience with Microsoft Sentinel and Logic Apps.
Strong scripting and automation skills in Python, PowerShell, or Bash.
Experience with REST APIs, webhooks, JSON, and OAuth.
Hands-on with Power Platform: Power Automate, Power Apps.
Familiarity with Microsoft Security Copilot and its integration use cases.
Understanding of incident lifecycle, MITRE ATT&CK, and security operations workflows.
Nice to Have:
Experience with other SOAR platforms like Palo Alto XSOAR, Splunk SOAR, or Tines.
Azure Functions, Bicep/ARM templates knowledge.
Familiarity with secure coding practices and DevOps pipelines.
Soft Skills:
Problem-solving mindset with the ability to work independently.
Strong documentation and knowledge-sharing skills.
Effective communication to work with SOC teams, clients, and engineering teams.
Top Skills
What We Do
Inspira Enterprise is a global Cybersecurity & Data Analytics & AI services provider with a presence in North America, ASEAN, Middle East, India, and Africa regions. We offer a wide range of services to a host of industries like Banking, Financial Services and Insurance (BFSI), Healthcare, Public Sector, Manufacturing, Information Technology Enabled Services (ITeS) eCommerce, and others. Inspira's cybersecurity services are very extensive ranging from the basic perimeter security to complex incident management and response. Our global partnerships with best of the breed technology providers enable us to offer cutting edge cybersecurity solutions that detect, predict & manage cyber incidents. The 5 state-of-the-art Cyber Fusion Centers (CFCs), help us provide round the clock support to our clients across the globe. Inspira’s Managed Analytics service supports our customer’s IT and Business teams, to bridge data strategies with business outcomes helping them setup a resilient culture that accelerates change with data-driven critical thinking in all aspects of People, Process and Technology implementations and Operations management. To know more, visit us at inspiraenterprise.com
