Job ID - 27 - 0203

We are currently looking for a talented Security Automation Engineer. This position is responsible for engineering the Barracuda XDR SOAR platform, conducting R&D efforts on forward facing technologies, and executing offensive security operations efforts through the attack/defend lifecycle to test and validate effectiveness of in-place detections. Purple Team members draw from hands-on experience in both offensive and defensive security disciplines to improve the tools, processes, and capabilities of threat detection and response of our SOC. This position requires a strong background in detection engineering with focus on Barracuda XDR SOAR platform. This role requires flexibility and an eagerness to learn new technologies.

What You'll Be Working On

• Engineering the Barracuda XDR SOAR solution.
• Sprint tasks within the SOC Agile Sprint cycle to continuously improve overall SOC maturity level and R&D efforts.
• Develop and maintain documentation on new processes, tools, technologies, and on-going R&D efforts.
• Integrating various APIs into the SOC tech stack.
• Proactive threat hunting amongst partners' networks to identify malicious activity.
• Attack and Defend activities to test current detections and develop new detections.
• Ensuring MITRE ATT&CK Framework coverage is obtained by XDR detections.
• Conduct threat intelligence research.
• Train new and current cyber security analysts on existing or new technologies, new or existing processes.
• Will be on a rotating 24x7x365 on-call schedule to investigate, triage, and help customers remediate active breaches/incidents.
• Designing and implementing AI-driven security automations, including Agentic AI workflows to autonomously investigate, triage, and respond to alerts.
• Building and maintaining Retrieval-Augmented Generation (RAG) pipelines to enhance threat intelligence enrichment, alert context, and analyst decision-making.
• Developing and integrating AI agents with SOC tooling (SIEM, SOAR, EDR) to reduce manual effort and improve response times.
• Leveraging LLMs and AI frameworks to automate repetitive SOC tasks such as alert analysis, ticket generation, and incident summarization.
• Integrating and managing MCP servers and agent orchestration frameworks to enable scalable, modular AI-driven workflows.
• Experimenting with and operationalizing machine learning models for anomaly detection, alert prioritization, and signal-to-noise improvement.
• Driving R&D initiatives focused on applying Generative AI in cybersecurity, including detection engineering, threat hunting, and purple team exercises.
• Building internal tools and prototypes that combine security data pipelines with AI capabilities to improve SOC efficiency and accuracy.

What You Bring To The Role

• 4-5 years prior cybersecurity or SOC experience
• Bachelor's degree or Masters Degree in Cyber Security or Information Security or related field experience.
• CIH, CEH, CompTIA Network+ or Security+, or other relevant certification
• Experience working with various SOC tools including SIEM, SOAR EDR, email protection, sandboxes, ticketing systems, etc.
• Expertise with analyzing attack advanced cyber vectors such as ransomware, Business Email Compromise etc.
• Experience responding to active security threats and incidents.
• Experience with cloud tools such as AWS, Azure and GCP.
• Experience working with APIs.
• Experience troubleshooting in a technical environment, analytical, problem-solving skills with SOAR platform.
• Customer service experience
• Experience with threat intelligence research, IOC gathering, and threat hunting.
• Understanding of cybersecurity framework such as NIST, MITRE ATT&CK, etc.
• Fundamental understanding of corporate IT environments, including networking, cloud infrastructure, etc.
• Excellent verbal and written communication skills.
• Hands-on experience building or working with Agentic AI systems, including multi-step autonomous workflows and tool-using agents.
• Experience implementing RAG architectures, including vector databases, embeddings, and context retrieval strategies.
• Familiarity with LLMs (e.g., OpenAI, open-source models) and their application in cybersecurity use cases.
• Experience integrating AI into production environments, including API orchestration and automation pipelines.
• Exposure to MCP servers, agent frameworks, or similar orchestration systems for managing AI-driven workflows.
• Strong understanding of how to apply AI/ML to security operations problems such as alert fatigue, threat detection, and incident response.
• Ability to evaluate and tune AI outputs for accuracy, reliability, and security relevance in a SOC environment.

What you'll get from us

A team where you can voice your opinion, make an impact, and where you and your experience are valued. Internal mobility - there are opportunities for cross training and the ability to attain your next career step within Barracuda.

• Equity, in the form of non-qualifying options
• High-quality health benefits
• Retirement Plan with employer match
• Career-growth opportunities
• Flexible Time Off and Paid Time Off benefits
• Volunteer opportunities

The anticipated salary range for this role is 105,000 to 140,000 OTE. Actual compensation offered will be dependent upon the individual's skills, experience, and qualifications as they directly relate to the requirements of the position, the budget for the position, and applicable employment laws.

At Barracuda, we believe in fair and equitable compensation practices that reflect both market realities and the unique circumstances of each geographical location. We recognize that cost-of-living disparities, market conditions, and other factors can significantly impact compensation expectations in different regions. The compensation range provided in this job description is for illustrative purposes only and may not reflect the actual compensation offers for the position in your location. Final compensation will be determined based on a variety of factors including the candidates' qualifications and experience.

#LI- remote