Automation Engineer

The Automation Engineer supports the Team by designing and developing automation that improves vulnerability management, reporting, evidence generation, and recurring technical validations. This role is deliverable-based and focused on creating reusable scripts, dashboards, integrations, and documentation that remain useful. Will work under the supervision of the Team Manager and coordinate with the Jr. Purple Teamer for operational requirements.

Key Responsibilities:

Qualys API Reporting Automation:

• Develop scripts to extract vulnerability data from the Qualys API.
• Automate exports of Critical and High vulnerabilities by BPO, asset group, severity, age, owner, status, and remediation SLA.
• Generate recurring reports for vulnerability aging, overdue findings, remediation progress, reopening rate, and scan coverage.
• Support automated identification of unauthenticated scans, stale assets, missing agents, and inactive hosts.

SLA Aging and Remediation Tracking:

• Build automation to calculate SLA aging based on severity, detection date, remediation due date, and current status.
• Generate exception lists for overdue Critical and High vulnerabilities.
• Create outputs that can be used by IT, GRC, and the Team for weekly follow-up.
• Support integration with ticketing workflows where technically feasible and approved.

Agent Coverage and Asset Health Automation:

• Automate reporting of Qualys agent coverage, inactive agents, duplicate assets, and assets missing authenticated scan data.
• Compare Qualys data with approved sources such as CMDB, EDR, Endpoint Management, or cloud inventory tools where access is granted.
• Produce asset coverage summaries by BPO, environment, operating system, asset type, and business owner where data exists.

Vulnerability Management Dashboard Prototype:

• Build a dashboard prototype showing vulnerability exposure, Critical/High trends, MTTR, SLA aging, top vulnerable assets, top recurring vulnerabilities, and BPO-level risk indicators.
• Include views for executive summary, operational remediation, compliance evidence, and technical drill-down.
• Design the dashboard to support future integration with Qualys, Wiz, ticketing platforms, CMDB, EDR, and other approved security data sources.
• Provide documentation so the internal team can maintain and expand the dashboard.

Wiz Integration Research and Tooling Improvement:

• Explore integration options between Qualys and Wiz for cloud exposure, vulnerability correlation, asset context, internet exposure, toxic combinations, and prioritization.
• Identify how Wiz data could improve vulnerability management prioritization and asset risk scoring.
• Evaluate other tools or data sources that may improve the current vulnerability management process, such as CMDB, EDR, SIEM, EndpointCentral, CrowdStrike, Wazuh, Jira, ServiceNow, or Power BI.
• Provide a short technical recommendation document with feasible integrations, required access, expected value, limitations, and implementation effort.

URL Validation Automation:

• Develop a controlled URL validation script or workflow to support technical reviews of client-requested URLs.
• Automate checks for DNS resolution, TLS certificate validity, certificate expiration, HTTP security headers, redirects, reputation indicators where approved, exposed login pages, and screenshot capture where appropriate.
• Produce standardized output that can be reviewed by the Team Manager before approval or rejection.
• Ensure the script does not perform intrusive scanning unless explicitly approved.

Gold Image Checklist Automation:

• Develop automation to support Gold Image validation against approved security baselines.
• Check for required security agents, hardening indicators, local configuration, GPO-related controls, endpoint protection presence, logging configuration, and approved software lists where technically feasible.
• Produce a pass/fail checklist format with evidence and exceptions.
• Ensure the automation supports review but does not replace Manager approval.

Evidence Package Automation:

• Create scripts or templates to generate structured evidence folders for vulnerability scans, retests, segmentation tests, URL validations, Gold Image reviews, and audit requests.
• Standardize filenames, timestamps, metadata, screenshots, exports, and summary files.
• Reduce manual evidence preparation for PCI, ISO 27001, SOC2, and HIPAA reviews.

Secure Development and Handover:

• Store all code in the approved corporate repository.
• Document setup instructions, dependencies, API permissions, usage examples, and maintenance procedures.
• Avoid hardcoded credentials, secrets, API tokens, or sensitive data in scripts.
• Provide knowledge transfer sessions to the Team Manager and Jr. Analyst.

Requirements

• Bachelor’s degree in Computer Science, Information Technology, Engineering, or related field.
• Strong Python scripting experience.
• Experience with REST APIs, JSON, CSV, authentication tokens, pagination, error handling, and scheduled jobs.
• Experience with Qualys API or comparable vulnerability management APIs.
• Working knowledge of vulnerability management metrics, CVSS, asset inventory, and remediation workflows.
• Experience building dashboards using Power BI, Grafana, Looker Studio, Excel/Power Query, or similar tools.
• Familiarity with Wiz, cloud security posture management, exposure management, or vulnerability correlation is highly preferred.
• Knowledge of Windows, Linux, networking, TLS, DNS, HTTP headers, and endpoint security controls.
• Familiarity with secure coding, secrets handling, Git, and documentation.