Offres d'emplois
← Retour à tous les emplois

Internship : SOAR Automation Engineer

ELCA Group Publié le 27/04/2026
Description du poste

We are ELCA, one of the largest Swiss IT tribe with over 2,300 experts. We are multicultural with offices in Switzerland, Spain, France, Vietnam and Mauritius. Since 1968, our team of engineers, business analysts, software architects, designers and consultants provide tailor‑made and standardised solutions to support the digital transformation of major public administrations and private companies in Switzerland. Our activity spans across multiples fields of leading‑edge technologies such as AI, Machine & Deep learning, BI/BD, RPA, Blockchain, IoT and CyberSecurity.

Description

Join our Security Operations team to develop automation features within our SOAR (Security Orchestration, Automation and Response) platform. The intern will work on integrating Microsoft security tools to streamline detection, investigation, and response workflows. The mission includes building Python and REST API‑based scripts to ingest and correlate security data, automate incident analysis, and apply AI‑driven logic to accelerate case handling. You’ll gain hands‑on experience with Microsoft Graph API, security automation frameworks, and cloud‑based SOC operations.

Objectives

  • Design and implement automation workflows for incident detection and analysis.
  • Integrate data from Microsoft security tools into SOAR pipelines.
  • Develop Python scripts and REST API connectors for security event processing.
  • Enhance automation playbooks with AI‑based decision logic.
  • Leverage Microsoft Graph API for contextual enrichment and correlation.
  • Document workflows and collaborate with SOC analysts to evaluate improvements.

Our offer

  • A dynamic work and collaborative environment with a highly motivated multi‑cultural and international sites team.
  • The chance to make a difference in peoples’ life by building innovative solutions.
  • Various internal coding events (Hackathon, Brownbags), see our technical blog.
  • Monthly After‑Works organized per locations.

Skills required

  • Python scripting.
  • GIT usage.
  • REST APIs (requests, authentication, JSON parsing).
  • Basic knowledge of cybersecurity concepts (incidents, alerts, logs, SOC/SIEM ideas).
  • Good analytical mindset, autonomy, and clear written communication in English.

Can be good to have:

  • Familiarity with Microsoft security tools (Defender, Sentinel, Purview, Entra, etc.).

#J-18808-Ljbffr

Prêt à postuler ?

Pour consulter 100% de l’offre et postuler, cliquez sur le bouton ci-dessous.

Vous serez redirigé en toute sécurité
DE DE
Back to top