Automation Engineering

Our Automation Engineering team has the responsibility for designing, implementing, and maintaining a robust automation content for the Digital Forensic and Incident Response (DFIR) and Security Operations Center (SOC) teams. This includes the maintenance and development of playbooks, manual workflows, and automated scripts to streamline processes, improve efficiency, and reduce manual errors.

As a future 24/7 SOC, our team will have to operate around the clock to ensure the security and continuity of our systems and services. In this context, the Automation Engineer will also be responsible for ensuring that automated processes are running smoothly at all times, including nights and weekends. This may involve being on-call to troubleshoot and fix broken processes. The ability to work independently and make sound technical decisions in a fastpaced environment will be essential in this role.

We are currently looking for an automation engineer to join the team in order to:

• Design, develop, test, and deploy automation scenarios using a low code solution
• Collaborate with the DFIR and SOC teams to identify areas for automation and implement automated workflows to improve process efficiency
• Troubleshoot automation issues and provide technical support to resolve problems quickly and efficiently
• Develop and maintain documentation of automation processes and procedures
• Maintain a good state of documentation.

The selected candidate should have experience in IT security engineering and must possess knowledge in the following areas:

• Experience in scripting (e.g. Python, Bash, PowerShell), low-code or no-code solutions
• Experience with API and CI/CD
• Good problem-solving skills, with the ability to analyse complex issues and develop creative solutions
• Effective communication and collaboration skills, with the ability to work with technical and non-technical stakeholders.

The ideal candidate should also have the following experience:

• Work experience in experience with security information and event management (SIEM) systems, incident response, and threat intelligence
• Work experience with the no-code solutions such as Tines.

The candidate must hold a security clearance at EU SECRET level or be in a position to be security cleared.

• A friendly and multicultural workplace
• A stimulating and unique environment where personal development, growth and initiative are encouraged
• Working with a supportive and dynamic team with a deep sense of mission

Please note that the position is based in Brussels, Belgium. However, partly remote work might be possible, with some obligations to come to the office when necessary.

• Send an email to secretariat@cert.europa.eu with your CV (and a motivation letter if possible). Please provide the title of the position you are applying for in the subject of your email.
• If your skill-set matches the requirements, we will contact you for an informal interview to introduce you to CERT-EU, get to know you better and answer questions you might have
• If the informal interview goes well, we will then invite you for a formal interview in view of a possible recruitment.