Search all jobs
Browse jobs › Security Automation Architect (AI & SOC Transformation)

Security Automation Architect (AI & SOC Transformation)

Plain Concepts · TELECOMMUTE · Posted Jul 7, 2026

Apply on company site   Track it in JobSkout

Mission

Transform security operations for the AI era.

We are looking for a senior cybersecurity professional to help redesign how modern Security Operations Centers detect, investigate and respond to threats by combining Detection & Response expertise, security automation, AI automation and agentic AI capabilities.

The role will focus on turning traditional SOC processes into intelligent, controlled and scalable workflows, where AI agents can assist analysts, automate repetitive tasks, enrich investigations, recommend actions and accelerate response while maintaining human oversight, auditability and security control.

This is a hands-on architecture role at the intersection of SecOps, SIEM/SOAR, Detection Engineering, Incident Response and AI-native automation.

The ideal candidate will help organizations move from manual, ticket-driven security operations toward a new operating model where analysts, automation and AI agents work together to increase speed, consistency and resilience.

What will you do?

You will play a key role in evolving traditional SOC environments into  AI-native, automated and scalable security operations .

Your responsibilities will include:

Analyzing current SOC processes (L1/L2 workflows, alert triage, escalation paths).

Identifying opportunities to  automate and improve detection & response.

Converting manual playbooks into  structured, automated workflows.

Designing how  AI agents assist analysts  in triage, investigation and response.

Defining  decision trees, enrichment logic and automation patterns.

Establishing  clear boundaries between automation, AI and human decisions.

Designing  human-in-the-loop models  for critical actions.

Ensuring all automation is  secure, explainable and auditable.

What makes this role unique?

You will work at the intersection of:

Security Operations (SecOps).

Detection & Response.

SIEM / SOAR automation.

Incident Response.

AI-driven security operations (Agentic AI).

Tech environment

You will work with modern security and automation ecosystems such as:

SIEM platforms (Microsoft Sentinel, Splunk, QRadar, Chronicle).

SOAR platforms and automation frameworks.

XDR / EDR and cloud security platforms.

Identity & Access Management (IAM).

Threat Intelligence platforms.

Case management and ticketing systems.

AI automation platforms and agentic AI frameworks.

Microsoft Security Copilot, Logic Apps, Azure Functions, Foundry.

Apply on company site