Security Automation Engineer at Ralds & Agate

Africa is a huge continent with huge resources - the greatest of which are its people and natural resources. While Africa has struggled to find its rightful place in the world economy, this has not in any way, diminished its potential or capabilities. Africa has amazing talents and our role as leaders and entrepreneurs is to harness these talents to propel us forward as we steadily advance on the global economic grid. Ralds & Agate is a Business Management Consulting firm focused on providing People and Process related solutions to businesses, communities and organizations within and outside Africa. Our focus is on People and Processes. Developing the potential within our people. to improve business practices, unleash creativity and enhance industrial productivity.

Mission / Purpose of the Job

• The Security Automation Engineer role is responsible for designing, developing, and maintaining automation solutions that enhance the efficiency, accuracy, and responsiveness of the company’s Managed Security Services operations.
• The role builds scalable workflows, scripts, APIs, and automated integrations that streamline alert triage, incident response, threat intelligence, and vulnerability management.
• The position strengthens SOC operations by reducing manual workload, increasing analytical visibility, and enabling continuous security improvement across all environments.

Job Responsibilities

• Develop, maintain, and optimize scripts, pipelines, and automation frameworks for security reporting, alert processing, and incident response activities.
• Build and integrate automated dashboards that provide real-time insights into SOC performance, client security metrics, and detection trends.
• Collaborate with the Reporting/RI team to improve data aggregation, correlation, normalization, and visualization for internal and external reporting.
• Design, implement, and maintain automation scripts, APIs, and system integrations to reduce manual tasks within SOC operations.
• Integrate SIEM, EDR, WAF, threat intelligence feeds, and other security tools into unified dashboards or SOAR platforms to enhance workflow efficiency.
• Implement AI-assisted search, pattern recognition, and automated query pipelines to support proactive threat hunting initiatives.
• Develop automation workflows for vulnerability assessments, including scheduling, scanning, aggregation, correlation, and report generation.
• Support deployment, configuration, and performance monitoring of security tools, ensuring availability and optimal functionality.
• Provide documentation, SOPs, and training to SOC analysts on newly developed automation tools, dashboards, and processes.
• Contribute to incident response activities by developing automated enrichment, correlation, and response scripts that accelerate triage and containment.
• Design and build a Threat Intelligence Platform (TIP) capable of automated ingestion, parsing, tagging, and correlation of commercial and open-source threat feeds.
• Implement automated dark web monitoring, VIP exposure tracking, and alerting frameworks for security intelligence use cases.
• Integrate threat intelligence outputs into SIEM/SOAR workflows to support detection engineering and correlation logic improvements.
• Develop automation workflows for vulnerability assessments, including scheduling, scanning, aggregation, correlation, and report generation.
• Build automated querying and reporting capabilities that provide prioritized vulnerability insights to both internal teams and clients.
• Support continuous improvement of penetration testing workflows through custom scripts, APIs, and task automation where applicable.

Job Specifications: Minimum & Preferred Requirements

• Bachelor’s Degree in Computer Science, Information Security, Engineering, or a related discipline.
• Relevant certifications such as SOAR, SIEM vendor certifications, CompTIA CySA+, GSEC, or equivalent would be an added advantage.
• Additional training in threat intelligence, Python automation, or cloud security is desirable.

Work Experience:

• 4–7 years of progressive experience in security automation, SOC engineering, or cybersecurity workflow automation.
• Hands-on experience with scripting languages such as Python, Bash, or PowerShell.
• Proven ability to build and maintain automation frameworks, APIs, and data engineering workflows.
• Experience with SIEM, SOAR, EDR, WAF, TIP, vulnerability assessment tools, and cloud architecture.
• Demonstrated ability to build dashboards, data pipelines, and automated reporting systems.
• Strong understanding of SOC operations, incident response workflows, and threat intelligence lifecycle.

Competencies, Skills & Attributes:
Knowledge:

• Security automation methodologies and frameworks.
• SOC processes, including alert management, incident response, and detection engineering.
• Threat intelligence lifecycle and IOC enrichment processes.
• Vulnerability assessment tools, scanning techniques, and remediation workflows.
• Cloud and API integration principles.

Skills:

• Python scripting and automation development
• API Integration & Data Engineering
• SOAR Workflow Development
• SIEM/EDR/WAF Integration
• Dashboard Development & Analytics
• Threat Intelligence Engineering
• Vulnerability Data Automation
• Documentation & Technical Writing
• Analytical and problem-solving ability
• Attention to detail and quality assurance.

Behavioural Attributes:

• Strong analytical and technical mindset.
• Proactive with a continuous improvement orientation.
• Strong communication and collaboration skills.
• Ability to work under pressure and meet tight deadlines.
• Integrity, accountability, and reliability.
• Results-oriented with strong ownership of tasks.
• Innovative thinking with a commitment to automation excellence.

Method of Application

Signup to view application details. Signup Now