Security Automation Engineer at Ralds & Agate

As one of Africa’s leading Business Management Consulting firms, we partner with organizations that prioritize profitability, sustainable growth, market relevance, and continuous innovation, anchored on robust people management structures, efficient and scalable processes, and a deliberate focus on building strong succession pipelines to ensure long-term business continuity.

Mission / Purpose of the Job

• The Security Automation Engineer role is responsible for designing, developing, and maintaining automation solutions that enhance the efficiency, accuracy, and responsiveness of the company’s Managed Security Services operations.
• The role builds scalable workflows, scripts, APIs, and automated integrations that streamline alert triage, incident response, threat intelligence, and vulnerability management.
• The position strengthens SOC operations by reducing manual workload, increasing analytical visibility, and enabling continuous security improvement across all environments.

Job Responsibilities

• Develop, maintain, and optimize scripts, pipelines, and automation frameworks for security reporting, alert processing, and incident response activities.
• Build and integrate automated dashboards that provide real-time insights into SOC performance, client security metrics, and detection trends.
• Collaborate with the Reporting/RI team to improve data aggregation, correlation, normalization, and visualization for internal and external reporting.
• Design, implement, and maintain automation scripts, APIs, and system integrations to reduce manual tasks within SOC operations.
• Integrate SIEM, EDR, WAF, threat intelligence feeds, and other security tools into unified dashboards or SOAR platforms to enhance workflow efficiency.
• Implement AI-assisted search, pattern recognition, and automated query pipelines to support proactive threat hunting initiatives.
• Develop automation workflows for vulnerability assessments, including scheduling, scanning, aggregation, correlation, and report generation.
• Support deployment, configuration, and performance monitoring of security tools, ensuring availability and optimal functionality.
• Provide documentation, SOPs, and training to SOC analysts on newly developed automation tools, dashboards, and processes.
• Contribute to incident response activities by developing automated enrichment, correlation, and response scripts that accelerate triage and containment.
• Design and build a Threat Intelligence Platform (TIP) capable of automated ingestion, parsing, tagging, and correlation of commercial and open-source threat feeds.
• Implement automated dark web monitoring, VIP exposure tracking, and alerting frameworks for security intelligence use cases.
• Integrate threat intelligence outputs into SIEM/SOAR workflows to support detection engineering and correlation logic improvements.
• Develop automation workflows for vulnerability assessments, including scheduling, scanning, aggregation, correlation, and report generation.
• Build automated querying and reporting capabilities that provide prioritized vulnerability insights to both internal teams and clients.
• Support continuous improvement of penetration testing workflows through custom scripts, APIs, and task automation where applicable.

Job Specifications: Minimum & Preferred Requirements

• Bachelor’s Degree in Computer Science, Information Security, Engineering, or a related discipline.
• Relevant certifications such as SOAR, SIEM vendor certifications, CompTIA CySA+, GSEC, or equivalent would be an added advantage.
• Additional training in threat intelligence, Python automation, or cloud security is desirable.

Work Experience:

• 4–7 years of progressive experience in security automation, SOC engineering, or cybersecurity workflow automation.
• Hands-on experience with scripting languages such as Python, Bash, or PowerShell.
• Proven ability to build and maintain automation frameworks, APIs, and data engineering workflows.
• Experience with SIEM, SOAR, EDR, WAF, TIP, vulnerability assessment tools, and cloud architecture.
• Demonstrated ability to build dashboards, data pipelines, and automated reporting systems.
• Strong understanding of SOC operations, incident response workflows, and threat intelligence lifecycle.

Competencies, Skills & Attributes:
Knowledge:

• Security automation methodologies and frameworks.
• SOC processes, including alert management, incident response, and detection engineering.
• Threat intelligence lifecycle and IOC enrichment processes.
• Vulnerability assessment tools, scanning techniques, and remediation workflows.
• Cloud and API integration principles.

Skills:

• Python scripting and automation development
• API Integration & Data Engineering
• SOAR Workflow Development
• SIEM/EDR/WAF Integration
• Dashboard Development & Analytics
• Threat Intelligence Engineering
• Vulnerability Data Automation
• Documentation & Technical Writing
• Analytical and problem-solving ability
• Attention to detail and quality assurance.

Behavioural Attributes:

• Strong analytical and technical mindset.
• Proactive with a continuous improvement orientation.
• Strong communication and collaboration skills.
• Ability to work under pressure and meet tight deadlines.
• Integrity, accountability, and reliability.
• Results-oriented with strong ownership of tasks.
• Innovative thinking with a commitment to automation excellence.

Method of application 

Meet the Qualifications? Email your CV to [email protected] using the job title as the subject of the mail.