Senior Security Engineer

Job description

Position Title:

Senior Security Automation Engineer

Reports to:

Security Operations Manager

Location:

Malaga

Summary:

Reporting to the Security Operations Manager as Senior Security Automation Engineer, you will form part of a team of Information Security specialists supporting clients globally. You will help define, evolve and operate the security technologies, controls, policies and practices, ensuring that they are applied pragmatically to strike a balance between protecting our business and customers and allowing the organisation to get on with doing what it does best.

We are looking for someone within the information security field, specifically defensive security activities, who is progressing their career in Security through working in collaboration with a team of IT operations and business specialists in identifying, responding to, and efficiently remediating any security-related alerts, incidents, or other concerns that may impact the business. As an experienced analyst within Security Operations, the SOC Analyst’s key responsibilities include:

  • Consistently deliver, to a high standard, reactive and proactive Security Operations services to the organisation and its clients, ensuring technical controls, operational practices, processes, personnel, detections, and response capabilities remain relevant and effective in reducing meaningful business risks.
  • Act as the Security Representative in both internal and multi-disciplinary project teams, actively identifying technical and organisational requirements. Contribute to shaping solutions and play a key role in delivering end-to-end project engagement for both local and distributed projects focused on technological transformation, improvement and growth.

You must possess a strong understanding of security operations and incident response processes.

The Senior Security Automation Engineer will have full responsibility for the design, engineering, planning and management of the security orchestration and automation process. Key responsibilities include:

  • Providing automation services to the Information Security Team, including proof of concept, design, deployment, and maintenance of new technologies, developing research and concepts into operations-ready capability, and ensuring that security tools and functions are properly engineered and supported.
  • Identify new security automation use cases capable of making impact and improving our daily security operations
  • Be responsible for the design, deployment, and maintenance of new security automation playbooks
  • Be responsible for expanding the adoption of security automation, through the interconnection of new security products, and the integration of automation into new security operations processes
  • Act as the Security Automation SME within multi-disciplinary project teams

To succeed in this role, you must enjoy working hands-on and building innovative security solutions to address the security needs of a rapidly evolving business.

 

Responsibilities:

  • Continually assess potential information security risks and contribute to the security roadmap to improve the security posture of the organisation.
  • Provide support to production-related incidents and investigations (including the security on-call function if required).
  • Research new security-related technologies and advancements, and identify opportunities for continual improvement, providing recommendations for ongoing improvements to the organisation.
  • Drive continual improvement across the Security Operations work activities and wider organizational contribution through process review and adoption of automation capabilities to deliver standardization and efficiencies within the team.

Requirements:

  • Strong technical hands-on experience in SOAR platforms (development, improvement, maintenance of automation playbooks).
  • Extensive experience with SIEM platforms
  • Extensive experience in SOC environments
  • In-depth understanding of the design and deployment of other common security technologies, e.g., IDS, Vulnerability Management, Authentication and identity management, WAF, SOAR, MDM, etc.
  • Experience with designing security solutions at scale for large enterprises or for multi-tenant service providers.
  • Familiarity with industry security configuration standards, such as NIST and CIS.
  • Must be an intelligent, articulate, conscientious individual who can serve as an effective member of the Information Security team and effectively communicate technical concepts to technical and non-technical audiences.
  • Ability to manage multiple concurrent tasks or activities, and effectively make judgments in prioritizing and time allocation in a high-pressure environment.
  • Ability to manage technical and procedural transformation and adapt to a rapidly changing environment.
  • Highly self-motivated and self-directed, able to harness diverse skills or experiences and enjoy a strong sense of team spirit.
  • Ability to work and communicate effectively in a global, multi-office environment, and willingness to travel to overseas offices as required.
  • Excellent verbal communication and documentation/technical writing skills in English.

Non-essential but desirable:

  • Degree in Computer Science or equivalent working experience preferred
  • Security accreditation (such as CISSP-ISSEP, CISSP-ISSAP, or CCSP)
  • Vendor Based Accreditations or Training