AI-Driven SecOps Consultant

We are seeking an experienced full-time AI-Driven Security Operations Consultant to support the transformation of our security operations through automation, orchestration, and AI enablement. This role will work closely with our SOC analysts, detection engineers, SecDevops and threat intelligence team to design, implement, and optimize SOAR use cases, helping to improve response times, reduce manual effort, and increase operational efficiency.

The ideal candidate has deep experience with SOAR platforms, understands Blue Team workflows, and is comfortable working in Agile or Scrum-based environments.

Location: Greece or Remote

Key Responsibilities

• Assess existing SOC workflows, detection logic, and response processes to identify and prioritize automation and orchestration opportunities.
• Design, develop, and implement SOAR playbooks and integrations that automate threat detection, alert enrichment, case management, and incident response, in close collaboration with detection engineers and threat intelligence analysts.
• Define and track success metrics, KPIs, and dashboards to measure the effectiveness and maturity of automation initiatives.
• Support documentation, change management, and SOC analyst training to ensure smooth adoption and continuous improvement of SOAR capabilities.
• Apply Agile delivery practices to plan and execute the rollout of new MDR capabilities -including XDR detection use cases, threat hunting automation, and threat intelligence workflows- through iterative development and backlog management.
• Identify and drive the integration of AI capabilities into security automation processes, focusing on intelligent alert triage, adaptive playbook logic, enhanced detection and response, and dynamic knowledge enrichment.

Qualifications

• Proven experience designing and implementing SOAR playbooks (e.g., using Microsoft Sentinel SOAR, Cortex XSOAR, or similar).
• Strong knowledge of SOC processes, incident response workflows, and detection engineering practices.
• Familiarity with integrating SOAR with SIEM, EDR, threat intel feeds, and ITSM platforms.
• Experience working as part of or alongside Blue Teams (SOC, Threat Detection, Threat Intel).
• Understanding of Agile and/or Scrum methodology with experience in sprint-based delivery will be considered a plus.

Personal Attributes:

• Analytical and detail-oriented, with a strong problem-solving mindset.
• Proactive and self-driven, with a sense of ownership.
• Effective communicator, able to translate technical details to diverse audiences.
• Collaborative, working well across multidisciplinary teams.
• Adaptable and comfortable navigating changing priorities.
• Innovative with a passion for integrating emerging technologies like AI.
• Organized, managing multiple initiatives while staying focused on key priorities.
• Agile mindset, thriving in iterative delivery environments.

Benefits

• Competitive salary and performance-based bonuses.
• Professional development opportunities and certifications.
• Flexible work schedule and semi-remote work options.
• Collaborative and innovative work environment.