About the project

• The Security Integration and Automation Engineering team under the Counter Threat Engineering organization is seeking a highly skilled and motivated Security Automation Engineer. This team leverages both Security and Software Development skills in combination with DevOps and GitOps practices to define, design and implement platforms, design patterns and standards for platform integration and automations across the Global Cybersecurity Services (GCS) organization. As a member of this team, you will empower the GCS organization by delivering innovative and effective solutions which fuse our security platforms into a cohesive ecosystem.

Your responsibilities

• Apply GitOps/DevOps approach to develop platform as code/detection as code
• Build, maintain, and support security tools/platforms including technologies such as SIEM/SOAR/ETL/custom
• Build, maintain, and support custom automation/integration which may involve multiple tools/platforms
• Participate in project implementations and POC initiatives that may involve several teams
• Conduct detailed analysis of a solution’s capabilities to identify potential areas for both process and/or system integration and improvements
• Conduct and participate in peer review for Git project updates (Pull Request/Merge Request) Engage with Aon’s regulatory, privacy, architecture, security, and platform teams to identify and drive opportunities to leverage the security monitoring capabilities to enhance Aon’s overall security ecosystem
• Provide a guidance to teams both inside and outside security on best security practices
• Research and evaluate new capabilities in security monitoring landscape

Our requirements

• 4+ years of proven technical experience with security infrastructure/architecture/software implementation, management, and support for security solutions
• 2+ years of proven hands-on experience designing, implementing, and supporting one or more of the following security technologies and solutions: SIEM (e.g.: Splunk, Crowdstrike Logscale, etc), SOAR, log streaming and distribution technologies (e.g.: Cribl)
• Experience with other security monitoring/detection platforms is a plus. 2+ years of GitOps/DevOps experience (platform-as-code, detections-as-code, etc.)
• 2+ years of proven hands-on experience designing/implementing solutions leveraging cloud and cloud native services (AWS/Azure/GCP)
• 2+ years of Experience building and working with CI/CD solutions (Gitlab CI/CD, GitHub Actions, Azure Devops Pipelines)
• Strong Programming experience using object-oriented languages (Python preferred)
• Experience working with APIs (REST, GraphQL) to build integration/automation to connect different tools
• Working knowledge of Linux, Windows, TCP/IP networking stack and regular expressions
• Excellent communication skills, both written and oral, are required.
• Strong problem solving and analytical skills Ability to work independently and as part of a team

Optional

• Experience designing/implementing containerized applications
• Experience managing deployment/configuration of containerized applications in Kubernetes
• Experience in designing/implementing ETL Pipelines
• Experience using Terraform to manage infrastructure/configuration as code
• Experience using Helm to manage containerized applications deployed in Kubernetes environments
• Experience building SDKs for tools/platforms when required
• Demonstrated ability to look at a problem and its solution holistically and in reference to existing standards/platforms

Technologies we use

This is how we work on a project

• Continuous Deployment

• Continuous Integration

• DevOps