Architect, develop and maintain secure and scalable automation solutions to enhance security operations and incident response
Design and implement integrations between security platforms, tools and services to improve threat detection and response capabilities
Identify and deliver automation opportunities that increase operational efficiency and consistency
Build and maintain infrastructure and CI/CD pipelines with security and compliance best practices
Ensure consistency with internal standards, industry benchmarks and regulatory requirements
Continuously improve internal security tooling and operational processes through innovation and automation
Design, build and maintain automation frameworks and integrations that enhance security operations, threat intelligence and detection engineering efforts
Collaborate with security teams to develop and optimize security workflows, automation playbooks and integrations between security tools (SIEMs, SOAR platforms, EDR/XDR and case management systems)
Develop and implement Infrastructure as Code (IaC) solutions using Terraform, Ansible or similar technologies to deploy and manage security tooling
Work closely with the software engineering and DevOps teams to embed security into CI/CD pipelines, ensuring secure code deployment and automated security testing
Support log aggregation, enrichment and correlation across multiple data sources to enhance threat detection and response capabilities
Implement and maintain API-driven integrations between security platforms, automation tools and threat intelligence feeds
Optimize security telemetry ingestion, correlation and alerting workflows to improve security detection and response effectiveness
Lead engineering efforts for security tooling, ensuring alignment with overall security architecture and operational requirements
Conduct security assessments of automation tools and integrations, identifying gaps and implementing security enhancements
Partner with the security and operations teams to build and refine detection logic, response automation and platform tuning for SOC efficiency
Key Requirements
3+ years of experience in SecDevOps, Security Automation or a related engineering role
Strong hands-on experience with security automation platforms (e.g. Torq, Phantom, Cortex XSOAR or similar SOAR solutions)
Expertise in scripting and automation using Python, PowerShell, Bash or Go
Experience working with SIEMs (Splunk, Stellar Cyber, Sentinel, etc.) and designing log aggregation, correlation and alerting workflows
Proficiency in cloud security engineering for AWS, Azure or GCP, including deployment of security controls and monitoring solutions
Experience with Infrastructure as Code (IaC) tools like Terraform, Ansible or CloudFormation
Strong understanding of DevOps principles and experience securing CI/CD pipelines with tools such as GitHub Actions, GitLab CI/CD, Jenkins or similar
Proficiency in API development and integration, leveraging RESTful APIs, webhooks and automation frameworks
Experience with container security (Docker, Kubernetes) and implementing security controls for microservices architectures
Familiarity with threat intelligence platforms (TIPs) and their integration with security tools
Knowledge of secure coding practices and ability to perform security reviews of automation code and integrations
Strong problem-solving skills and ability to work in a fast-paced, collaborative environment