Security Automation Engineer; SOAR/XSOAR
Position: Security Automation Engineer (SOAR/XSOAR) Location: Town of Belgium Security Automation Engineer (SOAR/XSOAR) A job at Proximus? You’ll find that everything revolves around the idea ‘Think Possible’. This means: we always assume that something is possible, even if it seems impossible. Well, especially so, actually. Call it a way of thinking that involves being open to a world of digital solutions that make our lives easier. And our way of working smarter. Who are we? In today’s digital world, organizations need to shift their approach to cyber security. Prevention alone is no longer sufficient. The ability to rapidly detect and respond to threats is essential. Organizations are increasingly turning to trusted strategic partners who can fully unburden them in the domain of detection and response. That’s where we come in. We offer MDR as a value service to a broad spectrum of customers across different verticals – all equally exciting. Based in Belgium and the Netherlands, we help companies navigate the digital era and make data-driven decisions with confidence. We proudly serve clients in the top 200 across the Benelux, spanning a wide range of fascinating and diverse sectors. At Davinsi Labs , we love to inspire each other, collaborate closely, and pursue excellence together. We are building a workplace where fulfillment and happiness take center stage. Your mission: what can you expect from the job? You will join our Managed Detection & Response (MDR) teams with a strong focus on security automation and orchestration . As a Security Automation Engineer , your primary responsibility is to design, build, and maintain automated response capabilities using Palo Alto Cortex XSOAR . Your work will directly impact how efficiently and consistently security incidents are handled across complex customer environments. You will help scale our MDR service by translating detection signals into automated, reliable, and auditable response workflows . We strongly believe in SOAR as code : automation content is version-controlled, tested, and continuously improved. You will contribute to and integrate with the following technologies:
- Microsoft Defender XDR and other XDR platforms
- SIEM platforms (Microsoft Sentinel and others)
- ITSM platforms (Service Now and equivalents)
- Cloud, identity, network, and third-party security tooling Key Responsibilities Security Automation & Playbook Development
- Design, build, and maintain response playbooks in Cortex XSOAR for common and advanced security incidents.
- Translate detection alerts from SIEM and XDR platforms into automated investigation and response flows .
- Implement conditional logic, enrichment steps, human-in-the-loop approvals, and automated containment actions. SOAR as Code
- Manage playbooks, integrations, scripts, and content packs using version control (Git).
- Apply software engineering best practices such as modularity, reusability, testing, and peer review.
- Contribute to standardized automation frameworks that can be reused across customers. Platform Integrations
- Build and maintain integrations between XSOAR and:
- SIEM platforms o XDR / EDR solutions
- ITSM tools (incident creation, updates, closures) o Identity, network, and cloud security controls
- Troubleshoot and optimize integrations for reliability, performance, and scalability.
- Collaborate closely with Detection Engineering and Incident Response teams to define:
- Automated investigation steps o Response actions and containment strategies o Escalation and handover points to analysts
- Continuously improve response quality based on real incident feedback. Automation Lifecycle Management
- Maintain and evolve our automation content library.
- Tune playbooks to reduce noise, false positives, and manual effort.
- Ensure automation aligns with customer environments, risk appetite, and operational maturity. Documentation & Knowledge Sharing
- Produce clear, structured documentation for playbooks, integrations, and response logic.
- Enable SOC analysts to understand, trust, and effectively use automated responses.
- Share best practices and lessons learned across teams. Subject Matter Expertise
- Act as a trusted advisor for customers and internal teams on SOAR and security automation.
- Stay up-to-date with new XSOAR features, response… Apply tot his job
Apply tot his job Apply To this Job