Automation Engineer II, Falcon Complete (Remote)

About the Role:

As an Automation Engineer II on our Falcon Complete Managed Detection & Response (MDR) team, you will develop professional expertise in scaling our security operations through automation and AI while applying company policies and procedures to resolve a variety of automation challenges. You will build productive internal and external working relationships to support our mission of maximizing analyst efficiency through augmented detection triage, investigation, and response workflows. This role involves working on problems of moderate scope which often call for detailed analysis of situations or data, requiring review of a variety of factors. You will focus on building SOAR playbooks, AI-powered workflows, and scripted solutions while exercising judgment within defined procedures and practices, with general instructions on new assignments.

What You'll Do:

Automation Development

• Assist in building and maintaining security automation workflows and playbooks in SOAR platforms to streamline investigation, triage, and response actions

• Develop PowerShell and Python scripts for security enrichment, remediation, and basic forensic functions

• Assist with SIEM query integration into automated workflows to provide context for security investigations

• Apply data parsing techniques using JSON and Regular Expressions for security data manipulation

• Monitor and optimize automation workflow performance, identifying bottlenecks and implementing improvements to maintain operational reliability

AI Integration & Learning

• Conduct end-to-end testing and validation of automated and AI-powered workflows prior to production deployment

• Build and maintain complex API integrations connecting security platforms, data sources, and AI services within automated workflow pipelines

• Assist with integrating LLM APIs and AI services into automated workflow pipelines to enhance detection and response capabilities

• Explore and evaluate emerging AI tools and frameworks for applicability to MDR security operations

Collaboration & Innovation

• Maintain version control of automation scripts and workflows using Git platforms

• Support initiatives to improve operational efficiency and contribute ideas for analyst productivity improvements

• Stay current with emerging technologies in SOAR, automation, and AI, and evaluate their application to MDR operations

What You'll Need:

Successful candidates will have experience in one or more of the following areas:

• 2+ years of experience in automation, scripting, or cybersecurity (relevant security experience considered)

• Proficiency with PowerShell for security investigation and response tasks

• Working knowledge of Python for automation and API integration

• Experience with low-code/no-code or SOAR workflow automation platforms to build, maintain, and scale security workflows

• Hands-on experience with REST API integration, including authentication methods, request handling, and response parsing within automation workflows

• Familiarity with event-driven and webhook-triggered automation design patterns

• Working knowledge of JavaScript or expression-based scripting logic within automation or workflow platforms

• Design and execute workflow validation and quality assurance testing strategies to ensure automation reliability and detection integrity

• Basic understanding of SIEM query languages and security analytics

• Familiarity with data formats (JSON) and Regular Expressions for data parsing

• Understanding of incident detection and response workflows in SOC/MDR environments

• Experience with version control systems (Git, GitHub, GitLab, Bitbucket)

• Self-motivated with strong initiative and ability to work independently

• Results-oriented mindset with passion for solving complex technical challenges

• Eagerness to learn emerging technologies and automation concepts

• Analytical mindset with the ability to identify and translate repetitive processes into scalable automation

• Excellent collaboration and communication skills for working across SOC, engineering, and leadership teams
   

Bonus Points:

• Falcon SOAR platform experience is a plus

• LogScale (formerly Humio) experience is a plus

• Experience with self-hosted automation platform deployment (e.g., Docker or containerized environments)

• Experience managing secure credential and secrets management within automation pipelines

• Familiarity with AI workflow frameworks, LLM integration, and basic prompt engineering concepts

• Familiarity with cybersecurity frameworks (NIST, MITRE ATT&CK)

• Cloud platform experience (AWS, Azure, GCP)

• Previous SOC or security operations experience

• Experience with CrowdStrike Falcon platform and APIs

• Creative and optimistic about the potential of AI, with curiosity to experiment

• Passion for advancing the role of AI and automation in cybersecurity
   

Education: 

• BA or BS / MA or MS degree in Computer Science, Computer Engineering, Math, Information Security, Information Assurance, Information Security Management, Intelligence Studies, Cybersecurity, Cybersecurity Policy, or a related field. Applicants without a degree but with relevant work experience and/or training will be considered.

#LI-EV1

#LI-Remote

Benefits of Working at CrowdStrike:

• Market leader in compensation and equity awards

• Comprehensive physical and mental wellness programs

• Competitive vacation and holidays for recharge

• Paid parental and adoption leaves

• Professional development opportunities for all employees regardless of level or role

• Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections

• Vibrant office culture with world class amenities

• Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at [email protected] for further assistance.