Head of Security Automation
Why we're hiring:
The Head of Automation & Process Engineering is responsible for establishing and leading the enterprise-wide automation and process excellence function within Operational Security. This role builds and scales an engineering-first automation capability that supports an Autonomic Security Operations (ASO) model, driving 10X improvements across SOC workflows, SOAR pipelines, incident response processes, and operational efficiency. The role oversees Security Automation Engineering and Process Engineering disciplines, ensuring seamless integration of automation, AI/ML, workflow optimisation, structured procedures, and end-to-end process governance across the security function.
What you'll be doing:
Automation Strategy & Leadership
- Define and own the automation vision and roadmap aligned to GCAT SOC10x principles.
- Drive adoption of advanced automation capabilities across SIEM, SOAR, EDR, TIP, and cloud-native security tools.
- Lead development and maintenance of SOAR playbooks, integrations, and automation workflows.
- Identify automation opportunities to replace manual, high-effort processes across the security lifecycle.
- Govern standards for automation coding, testing, documentation, and version control.
Process Engineering & Operating Model
- Own the design, improvement, and standardisation of Operational Security processes and SOPs.
- Build and maintain the process architecture for SOC, IR, Threat Hunting, and Detection Engineering.
- Implement KPIs, maturity assessments, and continual service improvement cycles.
- Ensure cross-team alignment and process integration across security disciplines.
- Develop scalable, predictable, and measurable operating models for Operational Security.
Engineering Excellence & Technical Ownership
- Oversee deep integration between Microsoft and Google security stacks, SOAR, SIEM, EDR, and TIP.
- Ensure data flow and telemetry integration support automation pipelines.
- Direct design reviews, QA, tooling optimisation, and technology evaluations.
- Implement AI/ML-driven automation for enrichment, prioritisation, and response orchestration.
Cross-Functional Collaboration & Stakeholder Engagement
- Act as automation and process engineering authority for Operational Security and Technology teams.
- Collaborate with Detection Engineering, IR, Threat Hunting, and Threat Intelligence on automation requirements.
- Partner with Ops Assurance, Legal, Privacy, vendors, and MSSPs to ensure aligned workflows.
- Lead training programmes to uplift automation and process capability.
Talent Leadership & Organisational Development
- Build and lead a high-performing automation and process engineering team.
- Establish engineering standards for development, testing, and deployment.
- Drive continuous learning, knowledge sharing, and capability uplift.
Strategic Alignment to GCAT SOC10x
- 10X People: Build an engineering-centric automation and process team with strong knowledge sharing.
- 10X Process: Transform security processes into automated, measurable, agile workflows.
- 10X Technology: Leverage SOAR, AI/ML, and cloud-native automation to enhance detection and response.
- 10X Visibility: Ensure comprehensive telemetry ingestion and process observability.
- 10X Speed: Reduce MTTD/MTTR by eliminating manual tasks and enabling orchestration.
- 10X TCO: Reduce cost and improve efficiency through automation and optimisation.
- 10X Influence: Shape engineering culture and operational strategy across the organisation.
What you'll need:
Technical Expertise
- Deep experience with SOAR platforms and automation engineering.
- Strong engineering background with SIEM, EDR, cloud-native security tooling.
- Proficiency in Python, PowerShell, APIs, webhooks, and integration engineering.
- Experience with AI/ML-enabled security automation and enrichment.
Process & Operating Model
- Experience designing and governing operational workflows and SOPs.
- Knowledge of CSI frameworks, maturity models, and process optimisation.
- Experience with Lean, Six Sigma, or similar methodologies (desirable).
Leadership & Collaboration
- Proven leadership of high-performing engineering teams.
- Ability to influence stakeholders and communicate effectively.
- Strong documentation and organisational skills.
Certifications (Preferred)
- GIAC (GCTI, GMON, GCIH, GCDA)
- Python or automation certifications
- Lean Six Sigma Green/Black Belt
- GCP or Azure cloud certifications
Key Attributes
- Engineering-first mindset with strong problem-solving skills.
- Systems thinker with focus on scalability and resilience.
- Excellent communicator able to translate technical complexity to outcomes.
- Committed to operational excellence and continuous improvement.
Who you are:
You're open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working.
You're optimistic: We believe in the power of creativity, technology and talent to create brighter futures for our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected.
You're extraordinary: We are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day.
What we'll give you:
Passionate, inspired people - We aim to create a culture in which people can do extraordinary work.
Scale and opportunity - We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry.
Challenging and stimulating work - Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge?