Come Join Our Passionate Team! At Barracuda, we make the world a safer place. We believe every business deserves access to cloud-enabled, enterprise-grade security solutions that are easy to buy, deploy, and use. We protect email, networks, data and applications with innovative solutions that grow and adapt with our customers journey. More than 200,000 organizations worldwide trust Barracuda to protect them - in ways they may not even know they are at risk - so they can focus on taking their business to the next level.
We know a diverse workforce adds to our collective value and strength as an organization. Barracuda Networks is proud to be an employer that complies with all applicable national, state and local laws pertaining to nondiscrimination and equal opportunity regardless of race, gender, religion, sex, sexual orientation, national origin, or disability.
Envision Yourself At Barracuda
We are currently looking for a talented Security Automation Engineer. This position is responsible for engineering the Barracuda XDR SOAR platform, conducting R&D efforts on forward facing technologies, and executing offensive security operations efforts through the attack/defend lifecycle to test and validate effectiveness of in-place detections. Purple Team members draw from hands-on experience in both offensive and defensive security disciplines to improve the tools, processes, and capabilities of threat detection and response of our SOC. This position requires a strong background in detection engineering with focus on Barracuda XDR SOAR platform. This role requires flexibility and an eagerness to learn new technologies.
What You'll Be Working On
- Engineering the Barracuda XDR SOAR solution.
- Sprint tasks within the SOC Agile Sprint cycle to continuously improve overall SOC maturity level and R&D efforts.
- Develop and maintain documentation on new processes, tools, technologies, and on-going R&D efforts.
- Integrating various APIs into the SOC tech stack.
- Proactive threat hunting amongst partners networks to identify malicious activity.
- Attack and Defend activities to test current detections and develop new detections.
- Ensuring MITRE ATT&CK Framework coverage is obtained by XDR detections.
- Conduct threat intelligence research.
- Train new and current cyber security analysts on existing or new technologies, new or existing processes.
- Will be on a rotating 24x7x365 on-call schedule to investigate, triage, and help customers remediate active breaches/incidents.
- Designing and implementing AI-driven security automations, including Agentic AI workflows to autonomously investigate, triage, and respond to alerts.
- Building and maintaining Retrieval-Augmented Generation (RAG) pipelines to enhance threat intelligence enrichment, alert context, and analyst decision-making.
- Developing and integrating AI agents with SOC tooling (SIEM, SOAR, EDR) to reduce manual effort and improve response times.
- Leveraging LLMs and AI frameworks to automate repetitive SOC tasks such as alert analysis, ticket generation, and incident summarization.
- Integrating and managing MCP servers and agent orchestration frameworks to enable scalable, modular AI-driven workflows.
- Experimenting with and operationalizing machine learning models for anomaly detection, alert prioritization, and signal-to-noise improvement.
- Driving R&D initiatives focused on applying Generative AI in cybersecurity, including detection engineering, threat hunting, and purple team exercises.
- Building internal tools and prototypes that combine security data pipelines with AI capabilities to improve SOC efficiency and accuracy.
What You Bring To The Role
- 5 years prior cybersecurity or SOC experience.
- Bachelor's degree or Masters Degree in Cyber Security or Information Security or related field experience.
- CIH, CEH, CompTIA Network+ or Security+, or other relevant certification.
- Experience working with various SOC tools including SIEM, SOAR EDR, email protection, sandboxes, ticketing systems, etc.
- Expertise with analyzing attack advanced cyber vectors such as ransomware, Business Email Compromise etc.
- Experience responding to active security threats and incidents.
- Experience with cloud tools such as AWS, Azure and GCP.
- Experience working with APIs.
- Experience troubleshooting in a technical environment, analytical, problem-solving skills with SOAR platform.
- Customer service experience.
- Experience with threat intelligence research, IOC gathering, and threat hunting.
- Understanding of cybersecurity framework such as NIST, MITRE ATT&CK, etc.
- Fundamental understanding of corporate IT environments, including networking, cloud infrastructure, etc.
- Excellent verbal and written communication skills.
- Hands-on experience building or working with Agentic AI systems, including multi-step autonomous workflows and tool-using agents.
- Experience implementing RAG architectures, including vector databases, embeddings, and context retrieval strategies.
- Familiarity with LLMs (e.g., OpenAI, open-source models) and their application in cybersecurity use cases.
- Experience integrating AI into production environments, including API orchestration and automation pipelines.
- Exposure to MCP servers, agent frameworks, or similar orchestration systems for managing AI-driven workflows.
- Strong understanding of how to apply AI/ML to security operations problems such as alert fatigue, threat detection, and incident response.
- Ability to evaluate and tune AI outputs for accuracy, reliability, and security relevance in a SOC environment.
What You'll Get From Us
A team where you can voice your opinion, make an impact, and where you and your experience are valued. Internal mobility - there are opportunities for cross training and the ability to attain your next career step within Barracuda. In addition, you will receive equity, in the form of non-qualifying options.
