Cyber Defence Automation Engineer, West Drayton
Client: IAG Transform
Location: West Drayton, United Kingdom
Job Category: Other
EU work permit required: Yes
Job Reference: ce3d99ef28c2
Job Views: 6
Posted: 19.08.2025
Expiry Date: 03.10.2025
Job Description:
The purpose of the role is to design, implement, and manage automation solutions within the Security Operations Centre (SOC) to improve the efficiency and effectiveness of security operations.
This role focuses on automating repetitive tasks, optimizing workflows, and integrating tools and systems to enhance threat detection, incident response, and SOC performance. The goal is to streamline security operations, reduce manual effort, and accelerate threat mitigation, enabling the SOC team to focus on complex tasks.
The SOC Automation Engineer is responsible for:
* Designing and implementing automation solutions for alert triaging, incident response, and reporting.
* Integrating security tools (SIEM, SOAR, firewalls) for better data flow and response coordination.
* Enhancing SOC workflows for efficiency and reduced manual effort.
* Creating automated response playbooks for common security incidents.
* Collaborating with SOC analysts and engineers to identify automation opportunities.
* Monitoring and maintaining automation tools, resolving issues as needed.
* Reviewing and updating automation scripts and processes regularly.
* Maintaining documentation of workflows, playbooks, and configurations.
Key Relationships/Interfaces
External: Third-party partners and solution providers
Internal: Cybersecurity teams, Group Security, senior management, operating companies
Qualifications
* Bachelor’s degree in Cybersecurity, Computer Science, IT, or AI.
* Certifications such as CISSP, GCIH, GCSA, Splunk Certified Automation Consultant, or relevant SOAR certifications.
* Experience with automation tools (SOAR platforms, Ansible, Phantom).
* Proficiency in scripting languages (Python, PowerShell, Bash).
* Strong understanding of SOC processes, incident response, and threat detection.
* Experience with SIEM platforms (Splunk).
* Knowledge of security frameworks (NIST, MITRE ATT&CK).
Skills
* Proficiency with automation tools and scripting languages.
* Experience with SOC operations and security tools.
* Ability to automate security workflows and integrate AI/ML capabilities.
* Strong analytical, problem-solving, and communication skills.
Experience
* 3-5 years in SOC or cybersecurity roles.
* Hands-on experience with automation and scripting.
* Experience with security tools and frameworks.