Website:
xbpglobal.com
Job details:
Role Summary
XBP Asia is seeking a highly skilled Security Automation Engineer to help scale and modernize our security operations. In this role, you will bridge the gap between cybersecurity and software engineering by designing, developing, and deploying automated solutions that detect, prevent, and respond to security threats. You will be responsible for building out our Security Orchestration, Automation, and Response (SOAR) capabilities, integrating security tools into our CI/CD pipelines (DevSecOps), and eliminating manual security workflows.
If you are a developer with a passion for security, or a security practitioner who loves to code, this is the perfect role for you.
Key Responsibilities
- Automate Threat Response: Design, build, and maintain SOAR playbooks and automation scripts to accelerate incident triage, containment, and remediation.
- Tool Integration: Develop API integrations between various security tools (e.g., SIEM, EDR, IAM, Vulnerability Scanners) and IT systems (e.g., Jira, Slack, ServiceNow) to streamline workflows.
- DevSecOps Enablement: Embed security controls, automated vulnerability scanning (SAST/DAST/SCA), and compliance checks directly into the CI/CD pipeline.
- Infrastructure as Code (IaC) Security: Implement and automate security guardrails for cloud infrastructure using tools like Terraform, CloudFormation, and native cloud policies.
- Process Engineering: Analyze existing manual security operations and incident response procedures to identify bottlenecks and opportunities for automation.
- Custom Tooling: Write custom scripts and lightweight applications to solve unique security challenges where commercial off-the-shelf solutions fall short.
- Monitoring & Alerting: Automate the tuning of security alerts to reduce false positives and ensure high-fidelity signal delivery to the Security Operations Center (SOC).
Required Qualifications
- Experience: 5 - 7 years of experience in Information Security, Software Engineering, DevOps, or a hybrid DevSecOps role.
- Vibe coding: Hands-on experience building applications using frontier models. Good understanding of LLMs and agentic code development.
- Scripting & Development: Advanced proficiency in at least one primary programming/scripting language, such as Python or Go.
- API Proficiency: Deep understanding of RESTful APIs, JSON, and webhooks for system integrations.
- Cloud Platforms: Hands-on experience securing and automating workloads in modern cloud environments (AWS, GCP, or Azure).
- Security Knowledge: Solid understanding of common attack vectors, networking protocols, operating system internals (Linux/Windows), and incident response frameworks.
- CI/CD Tools: Experience working with modern pipeline tools (e.g., GitLab CI, GitHub Actions, Jenkins, CircleCI).
- Problem Solving: Strong analytical skills with a proactive approach to eliminating toil through code.
Preferred Qualifications
- Hands-on experience with commercial or open-source SOAR platforms (e.g., Palo Alto XSOAR, Splunk SOAR, Tines, Shuffle).
- Experience with Infrastructure as Code (IaC) and configuration management tools (Terraform, Ansible, Chef).
- Familiarity with containerization and orchestration security (Docker, Kubernetes).
- Relevant industry certifications (e.g., AWS Certified Security, GSEC, GCIA, CISSP, or vendor-specific dev/automation certs).