Managed Security Services - SOC Automation Engineer
USA-VA-McLean-1861 International Drive, Suite 400, United States
Full Time Senior-level / Expert USD 92K - 185K
RSM
RSM US LLP is the leading U.S. provider of assurance, tax and consulting services focused on the middle market. We are the leading provider of professional services to the middle market globally. Our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.
RSM Defense is seeking an experienced SOC Automation Engineer to join our security operations team, focusing on developing and maintaining advanced security automation workflows using Torq. The ideal candidate will possess strong technical capabilities in security automation and orchestration, with demonstrated expertise in handling large-scale data operations and numerous API integrations.
The role requires advanced Python programming skills, with extensive experience in working with JSON data structures and implementing webhooks. The successful candidate must have a proven track record of developing and maintaining security automation workflows, particularly in environments dealing with substantial data volumes. Proficiency with Stellar Cyber and ServiceNow is essential, while experience with additional security tools such as SentinelOne, Microsoft Sentinel, Microsoft Defender, Azure Services and AWS is highly valued but not mandatory. Familiarity with Intezer Autonomous SOC would be an advantage.
Key responsibilities include designing and implementing automated security response workflows, monitoring and analyzing security events across multiple platforms, and developing custom integrations between various security tools. The engineer will be responsible for creating automated incident response procedures, building custom API connectors, and maintaining comprehensive documentation for all automation workflows.
The position requires a minimum of 5 years of experience in security engineering or SOC environments, along with a strong understanding of network security principles and experience with SIEM platforms and security analytics. The successful candidate must demonstrate a proven track record of implementing automation solutions and possess excellent analytical and problem-solving capabilities.
As a member of our RSM Defense security operations team, you will work both independently and collaboratively, interfacing with multiple technical and business stakeholders. The role offers opportunities to lead automation initiatives, mentor junior team members, and contribute to security architecture planning and strategy development. Strong communication skills are essential, as is the ability to manage multiple projects simultaneously while maintaining attention to detail.
The ideal candidate will be a self-starter who can work effectively both independently and as part of a team, with the ability to adapt to a fast-paced environment. This position offers significant opportunities for professional growth and skill development within a dynamic security operations environment.
Job Profile Responsibilities (key responsibilities)
Automation Development
• Design and implement security automation workflows using Torq
• Create and maintain Python scripts for security tool integration and data processing
• Develop and optimize API connections between security platforms
• Build and maintain webhook integrations for real-time alert processing
Security Operations
• Automate incident response procedures and security operations workflows
• Configure and maintain integrations with security tools including Stellar Cyber and ServiceNow
• Monitor and optimize automated workflow performance
• Document automation processes and maintain technical documentation
Tool Integration
• Implement integrations with various security platforms and tools
• Handle data parsing and transformation between different security systems
• Create custom API connectors when needed
• Maintain and troubleshoot existing integrations
Technical Skills
• Strong proficiency in Python programming
• Extensive experience working with REST APIs and JSON
• Demonstrated experience with webhook implementations
• Experience working with large datasets and data processing
• Hands-on experience with Stellar Cyber and ServiceNow
Security Tools Experience
• Experience with SentinelOne
• Knowledge of Microsoft Sentinel and Microsoft Defender
• Familiarity with Azure and AWS Cloud Services
• Experience with Intezer Autonomous SOC
Requirements & Qualifications
Minimum Requirements
- Advanced Python programming proficiency
- Experience with JSON data structures and API development
- Expertise in webhook implementation
- Proven experience working with large datasets
- Proficiency with Torq automation platform
- Minimum 5 years of experience in security engineering or SOC environments
- Strong understanding of network security principles
- Experience with SIEM platforms and security analytics
- Ability to work independently and in teams
- Strong analytical and problem-solving capabilities
- Excellent communication skills
- Project management abilities
- Self-starter mentality
Preferred Requirements
- Knowledge of Microsoft Sentinel
- Experience with Microsoft Defender
- Familiarity with Azure and AWS Cloud Services
- Experience with Intezer Autonomous SOC
- Experience mentoring junior team members
- Security architecture planning experience
At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/working-at-rsm/benefits.
As an Affirmative Action and Equal Opportunity Employer all applicants will receive consideration for employment as RSM does not tolerate discrimination and/or harassment based on race; color; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the US uniformed service; US Military/Veteran status; pre-disposing genetic characteristics or any other characteristic protected under applicable federal, state or local law.
Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please call us at 800-274-3978 or send us an email at careers@rsmus.com.
RSM does not intend to hire entry level candidates who will require sponsorship now OR in the future (i.e. F-1 visa holders). If you are a recent U.S. college / university graduate possessing 1-2 years of progressive and relevant work experience in a same or similar role to the one for which you are applying, excluding internships, you may be eligible for hire as an experienced associate.
RSM will consider for employment qualified applicants with arrest or conviction records in accordance with the requirements of applicable law, including but not limited to, the California Fair Chance Act, the Los Angeles Fair Chance Initiative for Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the San Francisco Fair Chance Ordinance. For additional information regarding RSM’s background check process, including information about job duties that necessitate the use of one or more types of background checks, click here.
At RSM, an employee’s pay at any point in their career is intended to reflect their experiences, performance, and skills for their current role. The salary range (or starting rate for interns and associates) for this role represents numerous factors considered in the hiring decisions including, but not limited to, education, skills, work experience, certifications, location, etc. As such, pay for the successful candidate(s) could fall anywhere within the stated range.
Compensation Range: $92,100 - $185,400
Individuals selected for this role will be eligible for a discretionary bonus based on firm and individual performance.
Tags: Analytics APIs Automation AWS Azure Cloud Incident response JSON Monitoring Network security Python Sentinel SIEM SOC Strategy
Perks/benefits: Career development Competitive pay Medical leave Salary bonus Team events