Reading a job advert is rarely enjoyable, but I’d encourage you to keep reading because we think you'll love this opportunity. The role itself is for a Security Engineering & Automation Manager, where you will take responsibility for the development and implementation of all security automation and activity within the Cyber Defence Operations (CDO) function of this global technology powerhouse.
Initially the role will be a standalone position, with the plan to grow the team throughout the year, providing you with a unique opportunity not only to set and own the strategy for automating security operations processes, but to build out the team as well.
To be successful in this role, you will need to have embedded security automation into a business using orchestration tools (e.g. SOAR platforms) and integrated security tools such as SIEM, EDR, and firewalls.
Responsibilities:
* Create and build the automation, logging, and detection strategy to improve the CDO's efficiency, scalability, and incident response capabilities.
* Implement automated workflows and playbooks to streamline CDO operations, including incident response, threat hunting, threat intelligence and vulnerability management.
* Partner with CDO, IT, and development teams to align automation initiatives with security objectives.
* Deliver training to analysts on automation tools, scripting, and tooling.
* Communicate automation progress and benefits across the business.
* Collaborate with third-party vendors and service providers to leverage automation opportunities.
Required Skills and Experience:
* At least 3 years in a leadership or senior technical role with a focus on developing and implementing automation strategies in a security operations environment.
* Experience of working within security operations, automating standard processes, and threat intelligence lifecycle.
* Experience of SOAR platforms, scripting languages (e.g. Python, PowerShell), and security tools (SIEM, EDR etc).
* Cloud security tools and platforms (e.g. Azure, AWS, Google Cloud) and their integration into SOC operations.
Finally, our client appreciates that your time is valuable and will try to accommodate your requirements as best as possible. The process will consist of 3 stages, comprising an interview with the team, a technical exercise, alongside a two-way Q&A.
If you meet the requirements of the job, then we would love to hear from you!
* Hybrid working is in place for this role, with 2 days onsite (Cambridge) required each week.