The Security Integration and Automation Engineering team under the Counter Threat Engineering organization is seeking a highly skilled and motivated Security Automation Engineer. This team leverages both Security and Software Development skills in combination with DevOps and GitOps practices to define, design and implement platforms, design patterns and standards for platform integration and automations across the Global Cybersecurity Services (GCS) organization. As a member of this team, you will empower the GCS organization by delivering innovative and effective solutions which fuse our security platforms into a cohesive ecosystem.
Responsibilities:
Apply a GitOps/DevOps approach to develop platform-as-code/detection-as-code
Build, maintain, and support security tools/platforms including technologies such as SIEM/SOAR/ETL/custom
Build, maintain, and support custom automation/integration which may involve multiple tools/platforms
Participate in project implementations and POC initiatives that may involve several teams
Conduct detailed analysis of a solution’s capabilities to identify potential areas for process and/or system integration and improvement
Conduct and participate in peer review for Git project updates (Pull Request/Merge Request)
Engage with Aon’s regulatory, privacy, architecture, security, and platform teams to identify and drive opportunities to leverage the security monitoring capabilities to enhance Aon’s overall security ecosystem
Provide guidance to teams both inside and outside security on best security practices
Research and evaluate new capabilities in the security monitoring landscape
Expected requirements:
4+ years of proven technical experience with security infrastructure/architecture/software implementation, management, and support for security solutions
2+ years of proven hands-on experience designing, implementing, and supporting one or more of the following security technologies and solutions: SIEM (e.g., Splunk, CrowdStrike LogScale, etc.), SOAR, log streaming and distribution technologies (e.g., Cribl). Experience with other security monitoring/detection platforms is a plus.
2+ years of GitOps/DevOps experience (platform-as-code, detections-as-code, etc.)
2+ years of proven hands-on experience designing/implementing solutions leveraging cloud and cloud native services (AWS/Azure/GCP)
2+ years of experience building and working with CI/CD solutions (GitLab CI/CD, GitHub Actions, Azure DevOps Pipelines)
Strong programming experience using object-oriented languages (Python preferred)
Experience working with APIs (REST, GraphQL) to build integration/automation to connect different tools
Working knowledge of Linux, Windows, TCP/IP networking stack and regular expressions
Excellent communication skills, both written and oral, are required.
Strong problem-solving and analytical skills
Ability to work independently and as part of a team