Senior AI Security & Automation Engineer

The Senior AI Security & Automation Engineer plays a pivotal role in enhancing the efficiency and maturity of the organisations security operations by designing and implementing robust automated solutions. Working in close collaboration with Global Information and Cyber Security Defence (ICSD) function this role identifies opportunities to streamline processes accelerate incident response and reduce operational overhead through intelligent automation leveraging Artificial Intelligence (AI) and Large Language Models (LLMs).

In addition to building scalable automation workflows this individual will contribute to the broader Security Engineering team including supporting Detection Engineering through the design development and optimisation of high-fidelity threat detections ensuring effective visibility of threats across the environment. The ideal candidate combines a deep understanding of cybersecurity operations with a strong background in scripting automation AI/LLM technologies and detection engineering practices to build scalable resilient and secure systems. This is a hybrid role requiring a minimum of one day in the office with additional office attendance as needed.

The Role:

• Design and deploy AI-driven security agents leveraging Large Language Models (LLMs) to automate traditionally manual security operations and workflows.
• Leverage LLM-powered platforms such as Microsoft Security Copilot to support cybersecurity tasks including threat hunting triage investigations and response and creating security incident response playbooks.
• Build and maintain SOAR playbooks integrated with various security platforms (e.g. SIEMs EDRs identity platforms) to streamline incident response and automation.
• Lead automation initiatives to eliminate manual processes improve the reliability and visibility of security controls and define metrics to measure the impact of process improvements.
• Ensure automation workflows and monitoring solutions are resilient integrated and optimized for 24/7 detection and response capabilities.
• Develop tune and maintain detection rules and analytics within Microsoft Sentinel SIEM/XDR platforms improving alert fidelity and aligning coverage to known threat techniques (e.g. MITRE ATT&CK).
• Support the administration and management of security tools within the Security Engineering team.
• Participate in proof-of-concepts for innovative security and automation solutions.
• Lead security operations process improvements including development and refinement of SOPs playbooks and standards.
• Support security audits assist in incident investigations and promote adherence to security best practices across DevOps environments.
• Create technical documentation and deliver enablement sessions to enhance security awareness and practices within engineering teams.
• Foster a culture of security excellence by promoting secure coding and design practices across the organization.

What youll bring:

• Bachelors degree in computer science Information Security or a related field or equivalent work experience.

• Demonstrated experience delivering cybersecurity solutions with a strong emphasis on security engineering and automated controls.

• Comfortable writing scripts using languages such as Python PowerShell or Bash and experience with automation platforms such as Azure Logic Apps SOAR tools (e.g. Microsoft Sentinel Splunk SOAR Cortex XSOAR).

• Experience building and tuning detections using SIEM platforms (e.g. KQL SPL) and working with security telemetry across endpoint identity network and cloud.

• Experience designing SOAR workflows for automated security response and incident triage.

• Proven experience with Large Language Models (LLMs) such as Claude GPT-4 OpenAI Azure OpenAI or similar frameworks.

• Deep understanding of cybersecurity domains including incident response threat detection and Identity and Access Management (IAM) principles.

• Experience with RESTful APIs JSON and integrating various security platforms.

• Familiarity with cloud platforms and cloud-native security services.

• Knowledge of Microsoft Security products such as Microsoft Sentinel Microsoft Defender XDR Microsoft Defender for Cloud Microsoft Intune etc.

• Solid understanding of ITSM and change control processes.

• Understanding log management SIEM tools endpoint detection and other security platforms.

Other Knowledge Skills and Abilities:

• Strong communication and collaboration skills with proven experience working in cross-functional global teams.
• Strong problem-solving and critical thinking skills for addressing security issues and finding effective solutions.
• Outstanding written and verbal communication skills.
• Ability to work both independently and collaboratively in a fast-paced environment.
• Strong communication skills with the ability to explain security concepts to non-technical stakeholders.

Certifications (Preferred):

• Microsoft Certified: Azure Security Engineer Associate (AZ-500)
• Microsoft Certified: Security Compliance and Identity Fundamentals (SC-900)
• Microsoft Certified: Security Operations Analyst Associate (SC-200)
• Certified Information Systems Security Professional (CISSP)
• Certified Automation Professional (CAP)
• Certified Cloud Security Professional (CCSP)
• CompTIA Security / CySA/ CASP
• Any other relevant security automation or cloud security certifications

What we offer

Enjoy a benefits package designed to help you thrive both professionally and personally. Youll receive 25 days of annual leave plus an extra WTW day to relax and recharge. Our comprehensive health and wellbeing offering includes private healthcare life insurance group income protection and regular health assessments all giving you peace of mind. Secure your future with our defined contribution pension scheme featuring matched contributions up to 10% from the company.

We support your growth and balance with hybrid working options access to an employee assistance programme and a fully paid volunteer day to make a difference in your community. On top of these you can opt into a variety of additional perks including an electric vehicle car scheme share scheme cycle-to-work programme dental and optical cover critical illness protection and much more. Start making the most of your career and wellbeing with a range of benefits tailored for you.

Equal Opportunity Employer

Were committed to equal employment opportunity and provide application interview and workplace adjustments and accommodations to all applicants. If you foresee any barriers from the application process through to joining WTW please