Job Description

Purpose of the role

The purpose of the role is to design, implement, and manage automation solutions within the Security Operations Centre (SOC) to improve the efficiency and effectiveness of security operations. This role focuses on automating repetitive tasks, optimizing workflows, and integrating tools and systems to enhance threat detection, incident response, and overall SOC performance. The goal is to streamline security operations, reduce manual effort, and accelerate the identification and mitigation of security threats, enabling the SOC team to focus on more complex and critical tasks.

The SOC Automation Engineer is accountable for the following:

- Automation of SOC Processes: Design and implement automation solutions to streamline repetitive tasks such as alert triaging, incident response, and reporting.
- Tool Integration: Integrate various security tools (SIEM, SOAR, firewalls, etc.) to improve data flow and response coordination.
- Optimization of Workflows: Enhance and optimize SOC workflows for improved efficiency and reduced manual effort.
- Development of Playbooks: Create automated response playbooks for common security incidents, enabling faster and more consistent incident handling.
- Collaboration with Security Teams: Work closely with SOC analysts and engineers to identify areas for automation and provide technical solutions.
- Monitoring and Maintenance: Ensure the continuous operation and performance of automation tools, resolving issues as they arise.
- Continuous Improvement: Regularly review and update automation scripts and processes to adapt to evolving threats and technologies.
- Documentation: Maintain detailed documentation of automation workflows, playbooks, and configurations.

Key Relationships/Interfaces

External:

- Third-party partners and key solution suppliers

Internal:

- Other areas of IAG Cybersecurity, particularly the cyber programme
- Group Security Team(s)
- Senior managers/customers from across the Group and relevant business areas
- Senior managers/customers/colleagues from operating companies