Cybersecurity SOAR Integration Engineer – 6 Month Internship

TL;DR

Cybersecurity SOAR Integration Engineer (Cybersecurity): Integrating security tools with the SOAR platform using Python, REST APIs, and standard protocols with an accent on security automation and incident response. Focus on developing Python-based connectors, API integration, and writing technical documentation.

Company

Swissquote is the Swiss Leader in Online Banking, providing trading, investing and banking services to +650’000 clients through performant and secured digital platforms.

What you will do

• Develop Python-based connectors to integrate security tools (SIEMs, firewalls, EDR, IAM, threat intelligence platforms) with our SOAR platform using Python 3.9+, REST APIs, and standard protocols.
• Design REST APIs and webhook handlers for bi-directional communication between systems.
• Transform security data from heterogeneous sources into unified data models.
• Write clear technical documentation for integrations, deployment procedures, API specifications, and troubleshooting guides.
• Collaborate with the Playbook Engine Developer Intern to define standard connector interfaces and ensure seamless integration with automation workflows.

Requirements

• Good proficiency in Python
• Experience with async programming or concurrent execution
• Basic understanding of REST APIs, HTTP protocols, and webhooks
• Knowledge of JSON, YAML, and data serialization formats
• Interest in cybersecurity and incident response
• Experience with version control (Git)

Nice to have

• Experience with SOAR platforms (Splunk SOAR, Cortex XSOAR, etc.)
• Familiarity with security tools (Splunk, QRadar, Chronicle, CrowdStrike)
• Knowledge of authentication protocols (OAuth, API keys, mTLS)

Culture & Benefits

• Work in a flexible way, without dress code and in multicultural teams.
• Impact the industry and grow your skills portfolio.
• Boost your career in a fast-pace environment.