Head of Security Automation & Process Engineering

Why we're hiring:

The Head of Automation & Process Engineering is responsible for establishing and leading the enterprise-wide automation and process excellence function within Operational Security. This role builds and scales an engineering-first automation capability that supports an Autonomic Security Operations (ASO) model—driving 10X improvements across SOC workflows, SOAR pipelines, incident response processes, and operational efficiency. The role oversees Security Automation Engineering and Process Engineering disciplines, ensuring seamless integration of automation, AI/ML, workflow optimisation, structured procedures, and end-to-end process governance across the security function.

What you'll be doing:

• · Define and own the automation vision and roadmap aligned to GCAT SOC10x principles.
• · Drive adoption of advanced automation capabilities across SIEM, SOAR, EDR, TIP, and cloud-native security tools.
• · Lead development and maintenance of SOAR playbooks, integrations, and automation workflows.
• · Identify automation opportunities to replace manual, high-effort processes across the security lifecycle.
• · Govern standards for automation coding, testing, documentation, and version control.

• · Own the design, improvement, and standardisation of Operational Security processes and SOPs.
• · Build and maintain the process architecture for SOC, IR, Threat Hunting, and Detection Engineering.
• · Implement KPIs, maturity assessments, and continual service improvement cycles.
• · Ensure cross-team alignment and process integration across security disciplines.
• · Develop scalable, predictable, and measurable operating models for Operational Security.

• · Oversee deep integration between Microsoft and Google security stacks, SOAR, SIEM, EDR, and TIP.
• · Ensure data flow and telemetry integration support automation pipelines.
• · Direct design reviews, QA, tooling optimisation, and technology evaluations.
• · Implement AI/ML-driven automation for enrichment, prioritisation, and response orchestration.

• · Act as automation and process engineering authority for Operational Security and Technology teams.
• · Collaborate with Detection Engineering, IR, Threat Hunting, and Threat Intelligence on automation requirements.
• · Partner with Ops Assurance, Legal, Privacy, vendors, and MSSPs to ensure aligned workflows.
• · Lead training programmes to uplift automation and process capability

• · Build and lead a high-performing automation and process engineering team.
• · Establish engineering standards for development, testing, and deployment.
• · Drive continuous learning, knowledge sharing, and capability uplift.

• · 10X People: Build an engineering-centric automation and process team with strong knowledge sharing.
• · 10X Process: Transform security processes into automated, measurable, agile workflows.
• · 10X Technology: Leverage SOAR, AI/ML, and cloud-native automation to enhance detection and response.
• · 10X Visibility: Ensure comprehensive telemetry ingestion and process observability.
• · 10X Speed: Reduce MTTD/MTTR by eliminating manual tasks and enabling orchestration.
• · 10X TCO: Reduce cost and improve efficiency through automation and optimisation.
• · 10X Influence: Shape engineering culture and operational strategy across the organisation.

What you'll need:

• · Deep experience with SOAR platforms and automation engineering.
• · Strong engineering background with SIEM, EDR, cloud-native security tooling.
• · Proficiency in Python, PowerShell, APIs, webhooks, and integration engineering.
• · Experience with AI/ML-enabled security automation and enrichment
• Process & Operating Model
• · Experience designing and governing operational workflows and SOPs.
• · Knowledge of CSI frameworks, maturity models, and process optimisation.
• · Experience with Lean, Six Sigma, or similar methodologies (desirable).

• · Proven leadership of high-performing engineering teams.
• · Ability to influence stakeholders and communicate effectively.
• · Strong documentati
• documentation and organisational skills.

• · GIAC (GCTI, GMON, GCIH, GCDA)
• · Python or automation certifications
• · Lean Six Sigma Green/Black Belt
• · GCP or Azure cloud certifications

• · Engineering-first mindset with strong problem-solving skills.
• · Systems thinker with focus on scalability and resilience.
• · Excellent communicator able to translate technical complexity to outcomes.
• · Committed to operational excellence and continuous improvement.

Who you are: