Yarbash
Security Automation

SOAR ENGINEER

I build the automation that lets security teams respond at machine speed.

I spend my time taking the repetitive work out of security operations — the connectors, playbooks, and AI tooling that threat hunters, detection engineers, and incident responders lean on. Most of that work has been for organizations in government, energy, and financial sectors.

Away from work I’m an advocate for online privacy, and a sucker for well-made machines — cars, watches, and an unreasonable amount of Formula 1.

Work

SOAR Platform Engineering

The SOAR platforms a SOC runs on — deployed, configured, and kept in production.

Cortex XSOAR · Swimlane · Google SecOps

Integrations & Automation

Custom connectors, playbooks, and automations that make a fragmented security stack act as one.

Python · REST APIs · connectors · playbooks

AI for Security Operations

AI in the SOC — self-hosted LLM tooling, and an MCP server that hands SOAR to models and agents directly.

Ollama · OpenWebUI · n8n · MCP · Python

Reporting & Analytics

XSOAR’s operational data, turned into Power BI dashboards that people actually use.

Power BI · XSOAR

Writing

June 6, 2026

Self-hosting a static site: Oracle Cloud, Cloudflare & nginx