SOAR Expert

Amsterdam, Netherlands; Tel Aviv, Israel

Nebius

Discover the most efficient way to build, tune and run your AI models and applications on top-notch NVIDIA® GPUs.


Why work at Nebius
Nebius is leading a new era in cloud computing to serve the global AI economy. We create the tools and resources our customers need to solve real-world challenges and transform industries, without massive infrastructure costs or the need to build large in-house AI/ML teams. Our employees work at the cutting edge of AI cloud infrastructure alongside some of the most experienced and innovative leaders and engineers in the field.

Where we work
Headquartered in Amsterdam and listed on Nasdaq, Nebius has a global footprint with R&D hubs across Europe, North America, and Israel. The team of over 800 employees includes more than 400 highly skilled engineers with deep expertise across hardware and software engineering, as well as an in-house AI R&D team.

Role Overview: We are seeking a highly skilled SOAR Expert to join the CISO Office. This position is critical to strengthening our organization's security automation, orchestration, and incident response capabilities. The successful candidate will play a pivotal role in designing, developing, and optimizing SOAR workflows and integrations across the enterprise. As a key member of the CISO Office, you will act as the technical authority and subject matter expert in SOAR platforms, ensuring alignment with threat intelligence, incident response, and playbook automation.

Key Responsibilities:
  • Architect, implement, and optimize SOAR playbooks to automate security operations processes such as alert triage, incident response, threat hunting, vulnerability management, and reporting.
  • Integrate SOAR with security tools (SIEM, EDR/XDR, IDS/IPS, threat intel feeds, case management systems, etc.) and non-security platforms.
  • Collaborate with incident response teams, threat intelligence teams, and other key stakeholders to identify automation opportunities and reduce mean time to detect (MTTD) and mean time to respond (MTTR).
  • Perform continuous assessment and tuning of SOAR workflows to enhance efficiency, accuracy, and effectiveness.
  • Contribute to incident handling and post-incident reviews, focusing on automation gaps and lessons learned.
  • Ensure SOAR processes and automations comply with organizational policies, regulatory requirements, and security frameworks.
  • Provide mentoring and training to SOC analysts and incident responders on SOAR usage and best practices.
  • Participate in the evaluation and selection of SOAR platforms and related technologies.
  • Collaborate with GRC and security architecture teams to align SOAR activities with broader cybersecurity strategy and risk management objectives.
Required Qualifications:
  • Bachelor’s degree in Computer Science, Information Security, or related field; relevant certifications (e.g., GCFA, GCIH, GCDA, CISSP, OSCP) strongly preferred.
  • 4+ years of experience in security operations or incident response, with at least 2+ years of direct hands-on experience with SOAR platforms (e.g., Palo Alto Cortex XSOAR, Splunk SOAR, IBM Resilient, or equivalent).
  • Strong scripting and automation skills (e.g., Python, PowerShell, Bash, APIs).
  • Solid understanding of enterprise security technologies: SIEM, EDR/XDR, IDS/IPS, firewalls, threat intelligence platforms, etc.
  • Experience integrating SOAR with both security and IT infrastructure systems.
  • Familiarity with MITRE ATT&CK, Cyber Kill Chain, NIST incident response lifecycle, and other threat models.
  • Knowledge of regulatory and compliance requirements relevant to cybersecurity (e.g., GDPR, HIPAA, PCI-DSS, ISO 27001).
  • Strong analytical skills and ability to solve complex technical problems under pressure.
  • Effective communicator with the ability to convey technical insights to non-technical stakeholders.
Preferred Qualifications:
  • Experience in large-scale enterprise or cloud-native environments.
  • Familiarity with CI/CD pipelines and DevSecOps principles.
  • Background in threat intelligence automation and enrichment.
  • Exposure to machine learning models or anomaly detection techniques for security automation.
Why Join Us:
  • Be part of a forward-leaning cybersecurity team with executive-level visibility.
  • Drive automation maturity within a mission-critical cyber defense capability.
  • Work in a dynamic environment focused on proactive security and operational excellence.

 

What we offer 

  • Competitive salary and comprehensive benefits package.
  • Opportunities for professional growth within Nebius.
  • Hybrid working arrangements.
  • A dynamic and collaborative work environment that values initiative and innovation.

We’re growing and expanding our products every day. If you’re up to the challenge and are excited about AI and ML as much as we are, join us!


Tags: APIs Automation Bash CI/CD CISO CISSP Cloud Compliance Computer Science Cyber defense Cyber Kill Chain DevSecOps EDR Firewalls GCFA GCIH GDPR HIPAA IDS Incident response IPS ISO 27001 IT infrastructure Machine Learning MITRE ATT&CK NIST OSCP PowerShell Python R&D Risk management Scripting SIEM SOAR SOC Splunk Strategy Threat intelligence Vulnerability management XDR XSOAR

Perks/benefits: Career development Competitive pay

Regions: Europe Middle East
Countries: Israel Netherlands
