Lead Security Automation Developer

We are seeking a Lead SOAR Automation Developer to drive the design, development, and optimization of automation workflows within our Security Orchestration, Automation, and Response (SOAR) platform. As a technical leader on the team, you will provide expert-level guidance in identifying innovative automation opportunities within SOC operations, leveraging advanced orchestration techniques to enhance detection, triage, and response workflows; mentor and upskill team members in SOAR development and automation best practices.

Responsibilities:

• Design, implement, and maintain SOAR playbooks to automate routine security tasks and incident response processes.
• Contribute to the strategic roadmap of the SOAR platform, including the expansion of automation capabilities.
• Develop and maintain integrations between the SOAR platform and various security tools such as SIEM, EDR, DLP and threat intelligence feeds.
• Collaborate with CSOC teams to identify automation opportunities and improve response times.
• Establish and enforce best practices for playbook design, code quality, and documentation.
• Work with cross-functional teams to gather requirements, design solutions, and ensure alignment with business objectives.
• Develop metrics to measure the effectiveness of automated workflows and identify areas of improvement.
• Provide training and documentation to CSOC analysts and other stakeholders on SOAR platform capabilities and playbook usage.
• Provides expert-level technical support to maintain our SOAR platform.
• Contribute to the growth and mentorship of other team members

Qualifications:

• Undergraduate degree in Computer Science or Information Technology-related field or equivalent combination of training and experience.
• Proficiency in scripting and programming languages (e.g., Python, JavaScript, PowerShell)
• Experience with REST APIs, webhooks, JSON and/or web application development.
• Familiarity with development workflows and patterns
• Strong problem-solving and analytical skills
• Demonstrated ability to lead projects, drive solutions, and communicate effectively with technical and non-technical stakeholders.
• Strong understanding of cybersecurity concepts
• Experience with SOAR platforms. e.g. Tines, Splunk SOAR, Cortex XSOAR
• Experience in security automation, incident response, or related fields.
• Experience with cloud environments (AWS, Azure, GCP)
• Relevant cybersecurity certifications

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a mission-we're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.