Internship : SOAR Automation Engineer

Description

Join our Security Operations team to develop automation features within our SOAR (Security Orchestration, Automation and Response) platform. The intern will work on integrating Microsoft security tools to streamline detection, investigation, and response workflows. The mission includes building Python and REST API-based scripts to ingest and correlate security data, automate incident analysis, and apply AI-driven logic to accelerate case handling. You’ll gain hands-on experience with Microsoft Graph API, security automation frameworks, and cloud-based SOC operations.

Objectives
•    Design and implement automation workflows for incident detection and analysis.
•    Integrate data from Microsoft security tools into SOAR pipelines.
•    Develop Python scripts and REST API connectors for security event processing.
•    Enhance automation playbooks with AI-based decision logic.
•    Leverage Microsoft Graph API for contextual enrichment and correlation.
•    Document workflows and collaborate with SOC analysts to evaluate improvements.

Our offer
› A dynamic work and collaborative environment with a highly motivated multi-cultural and international sites team
› The chance to make a difference in peoples’ life by building innovative solutions
› Various internal coding events (Hackathon, Brownbags), see our technical blog
› Monthly After-Works organized per locations

Skills required
•    Python scripting
•    GIT usage 
•    REST APIs (requests, authentication, JSON parsing).
•    Basic knowledge of cybersecurity concepts (incidents, alerts, logs, SOC/SIEM ideas).
•    Good analytical mindset, autonomy, and clear written communication in English
Can be good to have : 
•    Familiarity with Microsoft security tools (Defender, Sentinel, Purview, Entra, etc.)