Security Automation & Operations Engineer, Global SOC

Team Introduction

Our IT security team is responsible for enterprise IT global cyber security, server security, endpoint security, application security construction, and protection work. They work to improve overall IT security capabilities and security posture, providing security processes, security assessments, security operations, and security vulnerability management services. The team also supports IT teams and business departments in meeting their security requirements. Responsibilities - Design, write, and maintain production-grade code to automate security workflows, integrations, and response actions across enterprise security tools. - Build custom automation and integrations within SOAR platforms to streamline threat detection, incident response, and vulnerability management. - Develop tools and scripts (Python, Bash, Ansible, to automate repetitive security operations, log analysis, enrichment pipelines, and alert triage. - Work closely with DevOps and engineering teams to embed security automation into CI / CD pipelines. - Manage and operate security platforms (., NGFWs, EDR, CASB, SWG, Email Security, IDS / IPS), ensuring consistent uptime and reliability. - Conduct security architecture reviews and make configuration and code-level recommendations aligned with industry best practices. - Architect secure data environments for large-scale analytics systems (., data lakes, Hadoop ecosystems, Redshift, BigQuery) and implement access and control automation. - Continuously improve and test automation workflows to adapt to new threats, operational gaps, and evolving business requirements. - Document automation logic, tool configurations, and SOPs to support scalable, repeatable operations. - Collaborate with global security, infrastructure, and engineering teams to support security monitoring and incident response. - Collaborate with cross-functional teams across different time zones to help enforce security standards and best practices - Flexible working hours, maybe shift schedule work on weekends or holidays

Minimum Qualifications - Hands-on experience in a cybersecurity engineering or security automation role, with demonstrated ability to write and ship production code. - Proficient in Python (preferred), Bash, or Ansible for building automation and tool integrations. - Familiarity with security engineering tasks such as log parsing, detection rule development, and alert correlation using code-based approaches. - Strong understanding of enterprise security tools and operational best practices (., SIEM, EDR, CASB, vulnerability management). - Experience working in environments with CI / CD pipelines, containers, and infrastructure-as-code. Preferred Qualifications - Bachelor's degree in Computer Science, Cybersecurity, Software Engineering, or a related STEM field. - Hands-on experience with SOAR platforms (., Cortex XSOAR, Splunk SOAR) and building custom playbooks or integrations via APIs. - Experience building security automations using APIs, webhooks, and event-driven architectures. - Exposure to AI / ML concepts applied to security operations (., threat classification, anomaly detection, behavioral modeling). - Strong problem-solving skills and a software engineering mindset applied to security challenges. - Experience with cloud-native security tooling (., AWS Security Hub, Azure Sentinel) and scripting for cloud environments. - Knowledge of securing distributed data systems (., Hadoop, Redshift, BigQuery, Azure Synapse). - Relevant certifications (., OSCP, CISSP, GIAC, AWS / GCP cloud certs) are a plus.