Career Level and Role
Career Level: Specialist
Role: Security Automation Engineer
Location: Cheltenham
Security Clearance: Willingness to undergo a Security Clearance process requiring 5+ years UK address history.
Responsibilities
* Integrating SOAR platforms with technologies such as SIEM, EDR, email gateways and ITSM.
* Development of playbooks within SOAR platforms (interactive workflows that enable efficient triage of security incidents).
* Development of scripts to automate processes and repetitive tasks.
* Manage the lifecycle of security content (playbooks, integrations, scripts) from development through to production.
* Produce and maintain technical design documentation relating to SOAR integrations.
* Engage directly with client stakeholders to capture requirements and scope development activities.
* Work closely and collaboratively with internal project teams and engineers.
* Engage with SOAR vendors to provide feedback and drive product development roadmaps.
* Contribute to internal security working groups, advocating the adoption of SOAR and innovation within the discipline of Security Operations.
Qualifications and Experience
* Hands‑on experience of developing playbooks with Security Orchestration, Automation and Response (SOAR) platforms, such as Palo Alto XSOAR, Splunk Phantom, Google SecOps SOAR, Microsoft Sentinel (Azure Logic Apps).
* Knowledge of interacting with REST APIs and webhooks (including authentication methods), and working with JSON/YAML data structures.
* Understanding of DevOps principles and orchestration toolsets.
* Working knowledge of at least one software development or scripting language, such as Python or PowerShell.
* Familiarity with the principles of public Cloud environments such as AWS or Azure, and knowledge of cloud‑native security controls.
* Strong general Cyber Security knowledge. In‑depth knowledge of common threats, attacker tools and techniques and MITRE ATT&CK is advantageous.
* Familiarity with functionality of common security toolsets (such as SIEM and EDR); previous experience in configuring or managing is advantageous.
* 2+ years’ experience working within a Security Operations environment or similar.
* Collaborative and engaging approach to problem solving, and a willingness to work as part of the team.
* Passionate about diversity, recognising the innovation and competitive edge that comes from a diverse, highly skilled team where equal opportunities are truly valued.
* A problem‑solver, always seeking the best solution for the right outcome.
* Self‑motivated, results‑focussed and pragmatic, with the ability to manage conflicting deadlines and prioritise.
* Vendor certifications for Security Tooling (such as SOAR, SIEM, EDR) would be advantageous.
Benefits
Competitive basic salary, 25 days’ vacation per year, private medical insurance and 3 extra days leave per year for charitable work of your choice. Flexibility and mobility are required to deliver this role, with potential onsite time at client locations.
Accenture reserves the right to close the role should a suitable applicant be found. Closing date for applications: 25/08/26.