Security Automation Engineer

Role: Security Automation Engineer

Location: Cheltenham

Career Level: Specialist

Please Note: Due to the nature of client work you will be undertaking, you will need to be willing to go through a Security Clearance process as part of this role, which requires 5+ years UK address history at the point of application.

Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. With our thought leadership and culture of innovation, we apply industry expertise, diverse skill sets and next-generation technology to each business challenge.

We believe in inclusion and diversity and supporting the whole person. Our core values comprise of Stewardship, Best People, Client Value Creation, One Global Network, Respect for the Individual and Integrity. Year after year, Accenture is recognized worldwide not just for business performance but for inclusion and diversity too.

“Across the globe, one thing is universally true of the people of Accenture: We care deeply about what we do and the impact we have with our clients and with the communities in which we work and live. It is personal to all of us.” – Julie Sweet, Accenture CEO

As a Security Automation Engineer:

You will be responsible for developing and optimising Security Orchestration, Automation and Response (SOAR) toolsets. The Security Automation Engineer (SOAR) will drive the maturation of Accenture’s Security Operation Centre (SOC) offerings, integrating security technologies and implementing automated workflows. The ideal candidate will approach problems with a security-first mindset, and have a strong technical background in security operations or network / infrastructure engineering.

We are looking for the following skills and experience:

Hands-on experience of developing playbooks with Security Orchestration, Automation and Response (SOAR) platforms, such as Palo Alto XSOAR, Splunk Phantom, Google SecOps SOAR, Microsoft Sentinel (Azure Logic Apps).

Knowledge of interacting with REST API’s and webhooks (including authentication methods), and working with JSON / YAML data structures.

Understanding of DevOps principles and orchestration toolsets.

Working knowledge of at least one software development or scripting language, such as Python or PowerShell.

Familiarity with the principles of public Cloud environments such as AWS or Azure, and knowledge of cloud-native security controls.

Strong general Cyber Security Knowledge. In-depth knowledge of common threats, attacker tools and techniques and MITRE ATT&CK is advantageous.

Familiarity with functionality of common security toolsets (such as SIEM and EDR); previous experience in configuring or managing is advantageous.

2+ years’ experience working within a Security Operations environment or similar.

Collaborative and engaging approach to problem solving, and a willingness to work as part of the team.

Passionate for diversity, recognising the innovation and competitive edge that comes from a diverse highly skilled team where equal opportunities are truly valued.

A problem-solver, always seeking the best solution for the right outcome.

Self-motivated, results-focussed, pragmatic with the ability to manage conflicting deadlines and prioritise.

Vendor certifications for Security Tooling (such as SOAR, SIEM, EDR) would be advantageous.

Responsibilities:

Integrating SOAR platforms with technologies such as SIEM, EDR, Email gateways and ITSM.

Development of playbooks within SOAR platforms (interactive workflows that enable efficient triage of security incidents).

Development of scripts to automate processes and repetitive tasks.

Manage the lifecycle of security content (playbooks, integrations, scripts) from development through to production.

Produce and maintain technical design documentation relating to SOAR integrations.

Engage directly with client stakeholders to capture requirements, and scope development activities.

Work closely and collaboratively with internal project teams and engineers.

Engage with SOAR vendors to provide feedback and drive product development roadmaps.

Contribute to internal security working groups, advocating the adoption of SOAR and innovation within the discipline of Security Operations.

What’s in it for you:

At Accenture in addition to a competitive basic salary, you will also have an extensive benefits package which includes 25 days’ vacation per year, private medical insurance and 3 extra days leave per year for charitable work of your choice! Flexibility and mobility are required to deliver this role as there may be requirements to spend time onsite with our clients and partners to enable delivery of the first-class services we are known for.

Accenture reserves the right to close the role should a suitable applicant be found. RROOTS . Closing date for applications 25/08/26.