
SOAR Migration Project

Coordinated the migration of DocuSign's security orchestration platform from a custom-built Houston (forked Huginn) solution to Tines, encompassing 100+ automation workflows across multiple security teams. As Senior Security Engineer, drove architecture design, vendor evaluation, cross-team coordination, and comprehensive threat modeling while maintaining zero downtime during the transition.

Security Threat Detection
Automation, Cloud Deployment, Detection Engineering, Data Analysis, API Integration, Incident Response
Python

Challenge

Migrate complex security automation workflows from a custom-built SOAR platform (Houston/Huginn) to a new platform while maintaining operational continuity. The migration involved 100+ workflows across multiple teams (Detection Engineering: 60+, Threat Intelligence, Investigations, IR) with diverse requirements and integrations.

Solution

As Senior Security Engineer at DocuSign, coordinated a comprehensive migration strategy while driving architecture design and cross-functional alignment:

Architecture & Coordination:

  • Requirements Engineering: Created scored evaluation matrix capturing feature requirements from all stakeholder teams (Detection Engineering, Threat Intel, IR, Investigations)

  • Threat Modeling: Multi-month process that mapped every system connection (internal and external), documented security implications, and identified migration risks

  • Infrastructure Design: Designed Azure-based deployment architecture with Docker Compose, AWS Lambda integration, and secrets management (AWS Secrets Manager, Azure Key Vault)

  • Cross-Team Coordination: Aligned 4+ security teams on migration approach, workflow dependencies, and phased rollout strategy

  • Workflow Categories: Coordinated migration of ETL tasks (data movement), communication integration (email/Slack), case management (automated enrichment), tool integration (API actions), 60+ detection engineering workflows, threat intelligence pipelines, and IR/investigation e-discovery workflows

Role Clarification: This was IC (individual contributor) coordination work, not people management. Responsibilities included architecture design, vendor evaluation, technical coordination across teams, and execution—typical Senior Security Engineer work with cross-functional scope.

Key Metrics

Migrated 100+ workflows across 4+ security teams (60+ detection engineering workflows)

Automated 100+ security workflows with 90% reduction in manual processing time

Comprehensive threat model covering all system connections

Zero security monitoring gaps during transition

90% reduction in maintenance time

Successful integration with AWS/Azure secret management

Security Impact

Enhanced security automation capabilities through modern SOAR platform adoption, improved workflow reliability, and comprehensive security controls validated through threat modeling. The migration established a more maintainable and secure automation foundation.

Results

Successfully migrated 100+ automation workflows with zero monitoring downtime. The project included comprehensive threat modeling, infrastructure setup, and validation processes. Achieved significant maintenance improvements while maintaining security coverage.
