Cyber Automation Specialist

Are you looking to Optimize your life? Start your exciting path to a rewarding career today!
We are Optimum, a leader in the fast-paced world of connectivity, and we're on the hunt for enthusiastic professionals to join our team! We understand that connectivity isn't just a luxury anymore - it's a necessity that empowers lives, fuels businesses, and drives innovation. A career at Optimum means you'll be enabling progress and enhancing lives by providing reliable, high-speed connectivity solutions that keep the world connected. We owe our success to our amazing product, commitment to our people and the connections we make in every community.
If you are resourceful, collaborative, team-oriented and passionate about delivering consistent excellence, Optimum is the Company for you!
We are Optimum!
Job Summary
We are seeking a highly motivated Cybersecurity SOAR (Security Orchestration, Automation, and Response) Specialist to join our growing security operations team. This role will focus on designing, developing, and maintaining automation workflows to streamline and enhance our incident detection, investigation, and response capabilities.
We're looking for a Cybersecurity Automation Specialist who's passionate about making security operations smarter, faster, and more effective. You'll be the bridge between security analysts and engineering-automating detection, response, and remediation workflows to enhance security posture while reducing manual effort. If you're someone who lives at the intersection of cyber security operations and software development, we want to hear from you.
Work closely with SOC analysts, incident responders, threat hunters, and other security professionals to drive rapid, consistent, and efficient incident response-reducing manual effort through thoughtful automation.
Responsibilities

• Design and build automated workflows to support incident detection, triage, enrichment, and response using SOAR platforms (e.g., Splunk SOAR, Cortex XSOAR, Tines, etc.)
• Create feedback loops and partner closely with the Security Operations Center (SOC) analysts to understand pain points and repetitive tasks, turning them into automation use cases.
• Enhance threat intelligence ingestion and correlation across multiple data sources (EDR, NDR, SIEM, Ticketing Systems, etc.).
• Create interactive workbooks (e.g., Jupyter notebooks) to supercharge analysts and their ability to triage and respond.
• Create enrichment pipelines using OSINT sources and threat intelligence feeds, vulnerability management data, and other internal data sources.
• Create building blocks and reusable modules, connectors, and integrations with third-party APIs, tools, and platforms.
• Document all developed playbooks, scripts, infrastructure components, and integrations to ensure maintainability, reproducibility, and contribute to our internal wiki for team-wide knowledge sharing.
• Maintain code repository of developed SOAR functions and scripts created for incident response.
• Understand, design, and implement CI/CD pipelines for automated deployment of security automation code.
• Collaborate in agile workflows by participating in sprint planning, backlog grooming, and retrospectives; prioritizing SOAR tasks which will directly impact our security analysts
• Support containerized development and deployment processes using Docker and Kubernetes.
• Contribute to internal tooling, microservices, and serverless functions to extend SOAR capabilities.
• Deploy security infrastructure and resources using Infrastructure as Code (IaC) to support scalable and repeatable deployment of security resources.
• Write code as Secure-by-Default and understand what often contributes to vulnerabilities in code and applications.
• Assist in security incident investigations and post-incident reviews.
• Stay current with evolving cybersecurity threats, tools, and technologies.

Qualifications
Required:

• 2+ years of experience in cybersecurity, preferably within a SOC or incident response environment. BA in related technology field acceptable as substitution for experience.
• Proficiency in scripting languages such as Python or JavaScript.
• Experience with SIEM tools (e.g., Splunk, MS Sentinel, LogRhythm).
• Familiarity with REST APIs, JSON, and integrating with third-party security tools.
• Solid understanding of security incident management, threat intelligence, and security frameworks (e.g., MITRE ATT&CK, NIST).
• Solid understanding of modern development practices: Git, CI/CD, Infrastructure as Code (Terraform, etc.).
• Familiarity with cloud environments (AWS, GCP, Azure) and related security tooling.

Preferred:

• Certifications such as CISSP, GCIH, GCIA, or SOAR platform-specific certs.
• Experience with enterprise security tools, CI/CD pipelines, and cloud environments/infrastructure.
• Experience with containerized applications, Kubernetes, and microservices architecture.
• Experience with event-driven or serverless architectures (e.g., AWS Lambda, Google Cloud Functions) for lightweight automation.
• Hands-on experience automating workflows for phishing, malware, insider threats, or other common incident types.
• Experience contributing to internal security tools, libraries, or developer platforms.

At Optimum, we're fueled by our four core pillars: Taking Ownership, Upholding Transparency, Creating Community, and Demonstrating Expertise. Our commitment to empowering employees to take responsibility and embrace proactive problem-solving underpins Taking Ownership. Upholding Transparency is at the core of our culture, with open and honest communication fostering trust among our dedicated team and loyal customers. Creating Community is more than a goal; it's our daily commitment to fostering an environment of collaboration, innovation, and positivity. Demonstrating expertise is a promise we uphold through continuous learning and engagement with our customers to consistently deliver top-quality products and services. These pillars not only shape our culture but define Optimum as a place of excellence, trustworthiness, and thriving community, and we invite you to be a part of our journey.
If you have the drive to succeed and are ready to embark on a thrilling career, seize this opportunity today, and join our winning team, so together, we'll shape the future of connectivity.
All job descriptions and required skills, qualifications and responsibilities for a particular position are subject to modification by the Company from time to time, in the Company's discretion based on business necessity.
We are an Equal Opportunity Employer committed to recruiting, hiring and promoting qualified people of all backgrounds regardless of gender, race, color, creed, national origin, religion, age, marital status, pregnancy, physical or mental disability, sexual orientation, gender identity, military or veteran status, or any other basis protected by federal, state, or local law.
The Company collects personal information about its applicants for employment that may include personal identifiers, professional or employment related information, photos, education information and/or protected classifications under federal and state law. This information is collected for employment purposes, including identification, work authorization, FCRA-compliant background screening, human resource administration and compliance with federal, state and local law.
Applicants for employment with The Company will never be asked to provide money (even if reimbursable) as part of the job application or hiring process. Please review our Fraud FAQ for further details.
Pay is competitive and based on a number of job-related factors, including skills and experience. The starting pay rate/range at time of hire for this position in New York is $59,173.00 - $97,212.00/year. For other locations, please inquire with your recruiter. The rates/ranges provided herein are the anticipated pay at the time of hire, and do not reflect future job opportunity.