At a Glance
- Tasks: Design and build AI-driven automation solutions to enhance security operations.
- Company: Join a forward-thinking tech company focused on security innovation.
- Benefits: Competitive salary, hybrid work model, and opportunities for professional growth.
- Other info: Collaborative environment with a focus on continuous learning and development.
- Why this job: Make a real impact by automating security processes and using cutting-edge technology.
- Qualifications: 2-4 years in software engineering or related fields, strong Python skills required.
This is a hands-on, builder-focused role centered on designing, building, and shipping AI and automation solutions to scale the security team's capabilities. You will focus on replacing manual, repetitive security work with reliable automated workflows and intelligent agents. Rather than triaging alerts by hand, you will build the systems that triage them, integrating security tooling and wiring up LLM-driven pipelines to keep the business safe without slowing it down.
Key Responsibilities
- Security Automation Engineering: Design, build, and maintain automation to remove manual toil across detection, triage, response, and reporting. Integrate security tooling (SIEM, EDR, IAM, cloud, ticketing) into seamless, reliable workflows. Build and maintain SOAR-style playbooks and pipelines for enrichment, containment, and response. Own the deployment, monitoring, and reliability of the automation tools you ship.
- AI & Agent Development: Build LLM-powered tools and autonomous agents for alert triage, threat summarization, runbook generation, and incident documentation. Develop and refine prompts, guardrails, and evaluations to ensure AI workflows are safe and dependable in production. Prototype, test, and ship AI-assisted approaches to threat hunting, log analysis, and security operations.
- Tooling & Integrations: Develop integrations and APIs connecting security tools to internal systems and data sources. Write clean, maintainable, and well-tested code. Maintain and improve internal libraries, documentation, and shared automation infrastructure.
- Collaboration & Enablement: Partner with the security team to identify the highest-leverage automation opportunities. Document workflows clearly so the team can operate, trust, and extend your builds. Automate evidence collection and control testing for compliance frameworks (ISO 27001, SOC 2, NIST CSF).
Requirements
- 2–4 years of experience in software engineering, automation/DevOps, security engineering, or a related hands-on building role (including internships or apprenticeships).
- Strong scripting and programming skills, particularly in Python, with a track record of building API integrations.
- Experience building automation workflows using SOAR platforms, CI/CD, or workflow orchestration tools (e.g., n8n, Tines, Zapier).
- Practical, hands-on experience building with LLMs (APIs, prompt engineering, and ideally agents), rather than just using them as chat assistants.
- Comfortable working in cloud environments, particularly AWS, with an understanding of IAM, logging, and serverless or container-based deployment.
- A solid grasp of core security concepts (incident response lifecycle, common vulnerability classes, MITRE ATT&CK framework), or the drive to ramp up quickly.
- Clear written and verbal communication in English, with the ability to document systems for both technical and non-technical audiences.
Good to Have
- Experience with SOAR or workflow-automation platforms like Tines, Torq, or n8n.
- Hands-on experience deploying AI agents or LLM-powered applications in production.
- Familiarity with security tooling such as SIEM, EDR, WAF, or vulnerability scanners (e.g., Semgrep, SonarQube, Coana).
- Experience with infrastructure-as-code (Terraform), containers, and CI/CD pipelines.
- Familiarity with compliance frameworks like ISO 27001, SOC 2, or NIST CSF.
Automation Engineer in London employer: Intaso
Intaso is an exceptional employer that fosters a dynamic work culture, encouraging innovation and collaboration within the cyber security community. With a focus on employee growth, this role offers unique opportunities to engage directly with industry leaders while enjoying the benefits of hybrid working flexibility. Join us to make a meaningful impact in the evolving landscape of cyber leadership and private capital.