Security Automation Engineering Lead

The Security Automation Engineering Lead is responsible for the Security Automation function within the Information Security Operations team.
Working with various security technologies, the Security Automation Engineering team is primarily responsible for designing, implementing, and maintaining solutions enabling security teams to be more efficient. You will advocate best practice methods for Detection-as-Code implementation, offering guidance & support for analysts & engineers in release and versioning, contributing to the strategy for the Security Engineering operation, and supervising the team.
The role would suit someone who has previously led programming teams and has hands-on experience developing automated solutions. The successful person will have a solid technical background, some management experience, and be able to evidence good coaching and leadership practices.

Responsibilities

The Security Automation Engineering Lead will:

• Lead the development of Automation techniques across any suitable technology
• Develop new ways to protect the organisation from threats
• Champion and drive the use of automation to increase efficiency
• Understand the key risks the organisation faces, and the key tactics, techniques, and procedures that likely threat actors will exploit and to create control boundaries to intersect these domains
• Supervise a team of Automation Engineers and provide coaching and guidance to meet the desired objectives
• Take part in post incident reviews and propose automated solutions to reduce future recurrence
• Champion best practice methods for configuration management
• Work collaboratively with Security Architecture and Information Technology teams to ensure any existing constraints are overcome within forward looking plans
• Work with the third-party suppliers of the Security Products
• Research new methods to find malicious behaviour

Requirements

• 6+ years programming experience (PowerShell, Regex, Python, JavaScript)
• Have a strong understanding of security concepts and how to apply them to an organization’s environment
• In-depth experience in at least one of the following areas with a working knowledge of the remaining areas:
  • Chronicle SOAR
  • BigQuery
  • Scripting languages including XML, Python and PowerShell
  • DevSecOps & SDLC
  • Terraform
• Advanced certification in at least one cloud platform such as Microsoft Azure, Amazon AWS, or Google GCP
• The ability to pick up and learn new technology approaches and make rapid decisions on the best way to use these technology advancements for the betterment of the overall security posture
• Excellent communication skills as the ability to communicate effectively, constructively, confidently, and professionally is key to the success in the role as is the ability to work with IT and Information Security teams and the wider business
• An excellent knowledge of Information Security principles and an understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks
• Keen attention to detail and excellent analytical skills
• Ability to actively manage workloads to meet business and department requirements.
• Understanding of enterprise grade technical security controls and defence in depth practices

Desirable Skills

• Previous experience in a Security related role
• One or more technical Information Security Certifications such as:
  • (ISC)² CISSP, CCSP, CompTIA: Security+,
  • GIAC Certification: GSEC, GCED, GDAT
• Exposure to some of the following areas:
  • Microsoft Sentinel & KQL
  • Palo Alto Prisma
• Degree in an Information Security / Computing discipline
• A working knowledge of financial services and the typical business processes involved together with the threat actors and their relevant tactics, techniques and procedures would be of significant advantage.

Our Commitment to You

At Admiral, we are committed to being a diverse and inclusive workplace. Admiral is proud to be an equal opportunities employer and does not discriminate on the basis of race, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), national origin, gender, gender identity, sexual orientation, disability, age, or any other legally protected status.

All qualified applicants will receive equal consideration for employment.

Salary, Benefits and Work-Life Balance

We do not have a set salary for this position, as it will be dependent on the successful candidate’s experience. We are happy to see CVs from all candidates who meet the requirements and will be happy to discuss the remuneration package.

At Admiral, we are proud to be a diverse business where we put our people and customers first. We have great benefits to ensure employees have a great work-life balance; it's one of the reasons we’re consistently voted one of the Sunday Times Best Big Companies to Work For in the UK. We want you to have an element of freedom to define a working lifestyle that supports this, so accommodate flexible hours wherever possible.

All colleagues will receive 33 days holiday (including banks holidays) when they join us, and this will increase with length of service, up to a maximum of 38 days (including banks holidays). You also have the option to buy or sell up to five days of annual leave in addition to your allocation.

You can also view some of our other key benefits here.

#LI-NT1