Security Operations Center (SOC) Automation and Development Lead

SOC CW n Dev Lead

Who We Are

At Kyndryl, we run and reimagine the mission-critical technology systems that drive advantage for the world’s leading businesses.  We are at the heart of progress; with proven expertise and a continuous flow of AI-powered insight, enabling smarter decisions, faster innovation, and a lasting competitive edge. For our people—Kyndryls—that means doing purposeful work that powers human progress. Join us and experience a flexible, supportive environment where your well-being is prioritized and your potential can thrive.

The Role

Key Responsibilities

AI & GenAI Integration

• Design and implement AI/ML models for threat detection, behavioural analytics, and anomaly detection using Microsoft Sentinel, Azure ML, and Kyndryl Bridge.

• Integrate Generative AI into SOC workflows for predictive threat modelling, incident summarization, automated RCA generation, and knowledge-driven response recommendations.

• Lead the development of agentic AI systems capable of autonomous decision-making and response orchestration under governed SOC protocols.

• Embed GenAI-powered conversational analytics and predictive insights into executive dashboards for proactive threat visibility and decision-making.

Automation Engineering & Development

• Architect, design, and maintain automation playbooks in Azure Logic Apps and Microsoft Sentinel SOAR to streamline incident triage, enrichment, containment, and remediation.

• Collaborate with SOAR developers, content engineers, and threat detection teams to ensure automation components are modular, reusable, and scalable.

• Define and enforce development standards for SOC automation—covering playbook structure, documentation, versioning, and testing.

• Ensure seamless integration with third-party security tools, ITSM systems, and cloud-native services.

Analytics, Visualization & KPI Management

• Oversee the design of Power BI dashboards for real-time SOC visibility, automation performance metrics, and executive-level SLA reporting.

• Define and monitor automation-linked KPIs such as:

  • Mean Time to Respond (MTTR) reduction

  • Ticket volume reduction

  • Manual intervention percentage

  • RCA turnaround time

  • SLA compliance improvement

• Embed AI/GenAI-driven analytics layers into dashboards to enable adaptive risk visualization and predictive forecasting.

Governance & Compliance

• Participate in SOC governance forums to align AI/automation initiatives with business objectives, regulatory mandates, and compliance frameworks (e.g., ISO 27001, SOC 2, GDPR).

• Establish Responsible AI practices ensuring fairness, transparency, explainability, and human oversight in automated decision-making.

• Maintain audit trails, version controls, and documentation for all AI and automation deployments.

Collaboration & Leadership

• Work closely with SOC Analysts, Threat Intelligence, Platform Engineering, and Cloud Security teams to ensure automation aligns with operational and security needs.

• Mentor junior developers and automation engineers on best practices in AI, scripting, and SOAR development.

• Partner with OEMs and product vendors (Microsoft, Kyndryl, etc.) for roadmap alignment, feature optimization, and performance tuning.

• Lead Continual Service Improvement (CSI) initiatives focused on innovation and operational excellence across global SOC functions.

Who You Are

• 8+ years of experience in SOC Operations, Automation, or Security Engineering, with at least 3 years in a lead role.

• Strong expertise in:

  • Microsoft Sentinel (SOAR, Logic Apps, KQL, custom connectors)

  • Azure Logic Apps and automation frameworks

  • AI/ML model deployment for SOC analytics and anomaly detection

  • PowerShell, Python, or C# scripting for custom automation

  • GenAI integration using Azure OpenAI, Microsoft Copilot, or similar platforms

  • Kyndryl Bridge or equivalent hybrid orchestration tools

• Deep understanding of SOC processes, threat lifecycle, and ITSM/SIEM/SOAR integration.

• Proven experience in developing and managing automation KPIs linked to SLA and operational efficiency.

• Exposure to Power BI, data modelling, and executive reporting frameworks.

• Strong analytical and problem-solving capabilities with a focus on innovation and scalability.

Preferred Certifications

• Microsoft Certified: Security Operations Analyst Associate (SC-200)

• Microsoft Certified: Azure AI Engineer Associate (AI-102)

• Microsoft Certified: DevOps Engineer Expert (AZ-400)

• ITIL v4 Foundation

• Certified SOC Analyst (CSA) or GIAC Certified Automation Professional (GCAP) – Preferred

Being You

The “Kyn” in Kyndryl means kinship, which represents the strong bonds we have with each other, our customers and our communities. We focus on ensuring all Kyndryls feel included and we welcome people of all cultures, backgrounds, and experiences. Even if you don’t meet every requirement, we encourage you to apply. We believe in growth, and we’re excited to see what you can bring. At Kyndryl, employee feedback has told us that our number one driver of employee engagement is belonging. That sense of belonging — being a valued, respected, trusted member of the team — is fundamental to our culture and fueling great experiences for our customers. This dedication to welcoming everyone into our company means that Kyndryl gives you the ability to thrive and contribute to our culture of empathy and shared success. That’s The Kyndryl Way.

What You Can Expect

Your career with us isn’t just a job—it’s an adventure with purpose.  We offer a dynamic, hybrid-friendly culture that supports your well-being and empowers you to grow. Our Be Well programs are thoughtfully designed to support your financial, mental, physical, and social health—because we know that when you feel your best, you do your best.

From your very first day, you’ll dive into impactful work that powers the systems our customers rely on every day. You won’t just contribute—you’ll make a difference, tackling meaningful projects that sharpen your skills and fuel your growth.

We’re here to champion your journey. With powerful tools to chart your career path, personalized development goals aligned with your ambitions, and continuous feedback to keep you inspired and on track, you’ll have everything you need to thrive and evolve. You’ll develop in-demand skills to grow your career and achieve your ambitions with access to cutting-edge learning opportunities—from certifications with Microsoft, Google, and Amazon to coaching and hands-on experiences. And through it all, you’ll be part of a culture that values empathy, restless learning, and a devotion to shared success.

We want you to thrive here—and we’re committed to helping you do just that. Ready to make an impact? Join us and help shape what’s next.

Get Referred!

If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.

Experience Level

Senior Level