Automation Lead

 Automation Lead 
Job Type: Permanent Full Time

Description:

Automation Lead

Position Description
We''re standing up a dedicated vulnerability management practice at one of the largest banks in the US, automating what two vendor teams currently do by hand, and building the AI layer that takes it further.
The work is hands-on, the impact is visible, and you''ll have a delivery team ready to execute behind you from day one.

This position is located at our client site in Cleveland, OH, Pittsburgh, PA, or Dallas, TX.

For this role on this particular client engagement, employer sponsorship of immigration related visa and/or status as part of the PERM process will not be available.

Future duties and responsibilities
Automation Pipeline Development & Maintenance
.    Build, maintain, and enhance the runbook library for L1 and L2 vulnerability remediation - covering OS patching, base image updates, SSL/TLS configuration, infrastructure config changes, and middleware updates
.    Develop and maintain automation scripts for vulnerability intake, deduplication, and routing across scan sources including Archer, Tanium, Sysdig, SecurityCenter, and Imperva
.    Implement and maintain CI/CD pipeline integrations per architecture specifications - Jenkins and GitHub Actions specifically
.    Build and maintain automated PR generation pipelines for container base image updates and library version bumps across application mnemonics
.    Develop and maintain the automated RITM generation integration with ServiceNow - triggering, routing, and status tracking without manual intervention
.    Ensure automation pipeline health through proactive monitoring, alerting, and self-healing mechanisms
Policy-as-Code & Security Automation
.    Implement policy-as-code rules using OPA/Conftest per framework specifications defined by the Solution Architect
.    Build automated policy enforcement and risk-based gating mechanisms within CI/CD pipelines
.    Develop and maintain automated vulnerability scanning integrations - SAST, DAST, SCA, container scanning, IaC scanning, and secrets detection
.    Build feedback loop mechanisms to flag and retest vulnerabilities prior to production deployment
.    Implement and maintain compliance automation rules and audit-ready evidence generation
AI & Intelligent Automation
.    Collaborate with AI/ML Engineers to build and maintain the AI triage engine integration - connecting vulnerability feeds to the LangChain-based routing and scoring layer
.    Build the deduplication layer that normalizes and cross-references vulnerability data across multiple scan sources
.    Implement automated vulnerability routing logic based on risk scores, asset criticality, and remediation pathway classification
.    Build and maintain AI co-pilot integrations for L3 simple fix PR generation - Python-based agent pipeline using LangChain and Azure OpenAI
.    Develop feedback loop mechanisms that feed closure data back into the triage model for continuous accuracy improvement
Reporting & Dashboard Development
.    Build and maintain the unified SLA compliance dashboard in Archer - real-time vulnerability status, MTTR tracking, backlog burn-down by severity and mnemonic
.    Develop weekly automated SLA burn-down reports and monthly executive summaries per specifications defined by the Solution Architect
.    Build Jira-based tracking integrations unifying WS1 and WS2 reporting into a single view
.    Implement automated data pipelines that aggregate vulnerability status across Archer, ServiceNow, Jira, and scan sources into the reporting layer
.    Develop and maintain operational metrics dashboards - automation efficiency, runbook execution rates, PR generation throughput, AI triage accuracy
Continuous Improvement
.    Identify opportunities to automate recurring manual tasks across all three execution crews and implement solutions
.    Monitor runbook execution performance and tune scripts to improve throughput and reduce failure rates
.    Contribute execution-level insights to the Solution Architect for continuous improvement of the automation framework
 .    Document all automation scripts, runbooks, and integration patterns in Confluence - maintaining up-to-date operational guides for the GCC execution teams
.    Support knowledge transfer of automation frameworks to execution crew members as new capabilities are deployed
 
Required Qualifications:
8+ years of hands-on experience in DevSecOps, automation engineering, or infrastructure automation
.    Strong Python scripting, Ansible and Terraform experience - daily operational use for automation scripts, API integrations, and data pipeline development
.    Hands-on Jenkins and GitHub Actions experience - pipeline build, maintenance, and troubleshooting, not just design-level familiarity
.    Experience building and maintaining CI/CD security integrations - at least two of SAST, DAST, SCA, container scanning, or IaC scanning tools in production environments
.    ServiceNow API integration experience - ITSM workflow automation, RITM creation, and status tracking via REST API
.    Docker and container operations experience - base image management, Dockerfile optimization, container security scanning
.    OPA/Conftest or equivalent policy-as-code implementation experience
.    Experience with GRC or vulnerability management platforms - Archer, Qualys, Tenable, or equivalent
.    Strong REST API development and integration experience - building automation pipelines that connect multiple enterprise systems
.    Jira administration and workflow automation experience
.    Strong communications (verbal and written) skills and solid technical writing experience
.    Strong attention to detail to spot discrepancies in transactions or customer information

#M1
#DI-CB2


#L1 - KB1