Security Automation and Orchestration (SOAR) Engineer

Location: Dublin, IE

Company:  Canada Life Group Services
Description: 
  • Full Time Permanent position
  • Hybrid role based in our City Centre offices


What we offer
We have embraced a hybrid working model for most of our positions, which means that you can enjoy a balanced approach of working from home for part of the week and working from the office for the remainder of the week.


We offer a comprehensive benefits package including competitive salaries and bonuses, robust Learning and Development support, an excellent Defined Contribution pension, and comprehensive Wellbeing initiatives and support, to name but a few.


Further details on our benefits package can be accessed here: Benefits (life-careers.com)
 

 

Role Overview

As a Security Orchestration, Automation and Response Engineer at Central Technology Services within Canada Life Group, you will be responsible for creating, configuring, running and maintaining automation playbooks, reviewing alerts coming from cloud security tooling, performing enrichment and escalating suspicious or complex cases to senior analysts.
 
This role involves utilizing various technologies and tools, as well as engaging with stakeholders to secure and monitor the cloud and on-prem infrastructure. The role also involves optimising and customising cloud security technologies.

This role requires a strong foundation in cloud computing technologies and automation, and a passion for optimizing and scaling on-prem and cloud platforms. It calls for a blend of technical expertise and a strong ability to deliver through automation.

The role often involves working closely with SOC analysts, incident responders and cloud engineers, and assisting platform and development team members across the different businesses with monitoring and implementing automated responses.

It also requires communicating progress and feedback to line management, change and service management, and project management. It is a busy role and requires excellent time management and prioritisation skills.

What you will help us to achieve

•    Support the deployment, configuration and day to day operation of the CNAPP (Cloud Native Application Protection Platform), helping to identify and track cloud security risks across IaaS, PaaS and container workloads. 
•    Monitor CNAPP dashboards and alerts for misconfigurations, vulnerabilities and compliance issues.
•    Perform initial triage and enrichment of findings and escalate to senior team members where required.
•    Help reduce noise by tuning out false positives and aligning policies with agreed standards.
•    Implement security best practices and compliance controls to protect cloud-based platforms from cyber threats and vulnerabilities. 
•    Develop and maintain SOAR workflows to perform automated security tasks. Manage all elements of the SOAR platform including troubleshooting, maintenance and upgrades.
•    Help maintain integrations/connectors between SOAR and other tools
•    Create and execute automation playbooks 
•    Keep documentation for integrations and workflows up to date

•    Collaborate with IT teams, system administrators, and other stakeholders to ensure seamless integration and operation of security controls.
•    Collaborate with internal and external stakeholders, including business units, to monitor resolution of findings.
•    Monitor, troubleshoot and optimize cloud security controls and automation workflows.
•    Proactively engage with stakeholders to identify opportunities for cloud security optimization and improvement to meet business needs.
•    Documentation and Knowledge Sharing: Share knowledge and best practices with team members through training sessions and workshops.
•    Develop and maintain PowerBI reports using Azure Data Factory. 

More specific responsibilities will include

A typical day would include:

•    Automation Rules: Defining "if-this-then-that" logic to trigger actions based on query results (e.g., "If a critical vulnerability is found on an internet-facing host, automatically open a P1 ticket and notify the #security-ops Teams channel").
•    Monitor and manage security vulnerabilities and findings discovered in the cloud and in code, ensuring timely resolution of identified issues.
•    Report on deliverable status timeline, technical issues and system operations
•    Collaborate with different teams to remediate misconfigurations and vulnerabilities 
•    Support the updating of metrics used to measure the monitoring program and related processes.
•    Participate in meetings with stakeholders to discuss security aspects of cloud and automation project activities, requirements, and progress updates.

 

What you will need to be successful in the role

•    Bachelor's degree in computer science, engineering, information systems or related field, or equivalent work experience.
•    At least 3 years of progressive and relevant experience in hands-on cloud computing.
•    At least 1 year of experience in Azure cloud platforms, tools and technologies.
•    Knowledge of and/or hands-on experience with RESTful APIs (authentication, endpoints, JSON payloads) to support automation playbooks, data enrichment and security tool integrations.
•    Skilled at scripting and developing automated solutions for manual tasks.
•    Experience operating in a CI/CD environment.
•    Excellent communication, presentation, analytical and problem-solving skills.

Technical Competencies

•    Azure native tools: Defender Suite, Sentinel, Azure AD, Azure Data Factory (ADF).
•    Wiz, Sonar
•    Virtualization platforms and management tools (e.g., VMware, Kubernetes, Azure, NSX-T, HCI)
•    Security tools (e.g., VPN, IDS/IPS, SIEM, MFA, NAC, DDoS, WAF)
•    Collaboration and communication tools (e.g., Microsoft Teams, M365 suite of tools for collaboration, ServiceNow for change and incident management, Clarity for time management)
•    Rapid7, PowerBI, SOAR platforms and others

About us

 

Canada Life Group is the top-level European holding company for Great-West Lifeco’s European insurance, reinsurance, and asset management companies, with business operations in the UK, Ireland, Germany, and the Isle of Man.

 

European Technology sits within Canada Life Group and encompasses the technology community across all European entities - Irish Life Group, Canada Life UK, Canada Life Europe, as well as Central Technology Services - Europe. European Technology supports the business strategy and collaboration of technology across all European divisions. There are multiple IT units within European Technology, each with its own individual set of technology platforms.

 

European Technology has evolved significantly and is now focused on bringing market-leading speed, agility, cost efficiency, and risk mitigation to enable the delivery of strategies across the European businesses. To meet these challenges, a new strategy has been established, driving forward our commitment to innovation and excellence.

 

The company reserves the right to draw up a shortlist as part of the selection process.  Where Agency assistance is required the Canada Life Recruitment Team will engage directly with suppliers. Unsolicited CVs / profiles supplied to Canada Life by Recruitment Agencies will not be accepted for this role.

 

Canada Life Group Services is proud to be an Equal Opportunities employer. We have created an environment of inclusion and growth to help people achieve their potential, to ensure they can bring their whole selves to work and to feel valued.  We celebrate diversity of thought and perspective and want all of our employees to feel valued, respected and supported.  

 

We have built a culture that promotes equality and inclusion for all of our current and future employees and strive to ensure that our behaviours, processes and practices are aligned to this culture.

 

If you require any accommodations during the recruitment process please contact lifecareers@irishlife.ie and we will be delighted to ensure you are fully supported to be your best.   

 


CLGS supports Equal Opportunity and is regulated by the Central Bank of Ireland.