
SOC Automation Engineer (Python / SOAR / LLM Integrations) at DeepSource

Location Information: Egypt - Remote

Key Responsibilities

- Design, build, and maintain SOC automation workflows for L1 triage, alert enrichment, and response using SOAR tools (Cortex XSOAR, Splunk SOAR, n8n, etc.)
- Develop modular, agent-based pipelines using Python or TypeScript (ideally event-driven or orchestrated via n8n, Apache Airflow, etc.)
- Integrate threat intelligence APIs (VirusTotal, AbuseIPDB, Shodan, MISP, OpenCTI)
- Collaborate with the AI team to interface LLMs into enrichment/summarization steps (e.g., GPT, Claude, Mistral, etc.)
- Contribute to architectural design and data flow models (timeline graphs, observables)
- Write clean, testable code and deploy in cloud-based environments (AWS/GCP)

Requirements

Qualifications

- 5–10+ years of experience in cybersecurity, DevSecOps, or SOC automation
- Proficiency in Python, JavaScript/TypeScript, or Golang
- Hands-on experience with at least one SOAR or workflow automation platform (e.g., Cortex XSOAR, Phantom, TheHive, Shuffle, StackStorm, n8n)
- Strong understanding of SIEM tools (e.g., Splunk, Sentinel, QRadar, Wazuh)
- Experience with threat intelligence feeds, EDR/XDR tools, and incident response logic
- Familiarity with RESTful APIs and webhook/event-driven architectures
- (Bonus) Experience with AI/ML models (especially LLMs or agent frameworks)