A little bit about us
Bespin Global is a top global cloud MSP recognized in the Gartner Magic Quadrant for 8 consecutive years. We’ve been named the AWS MSP Partner of the Year globally and have earned multiple Google Partner of the Year awards!
We have 1,400+ “Bespineers” across 16 offices in 10 countries—including the U.S., South Korea, Singapore, Dubai, Indonesia, China, and Japan—supporting over 4,500 customers worldwide.
We’re growing fast, and if you want to help enterprise clients solve complex challenges using the power of the cloud, this is the place for you.
Security Automation Engineer
We are looking for a mid to senior-level Security Engineer who is familiar with multiple technical domains and has deep experience in at least one domain of cloud, endpoint, identity, email, or network security.
You should have a demonstrated track record of full-stack automation or security tool development using Python. You must be comfortable operating in the public cloud so that you can understand and anticipate customer pain points and onboard cloud and SaaS data sources into our platform.
The role is part of our high-profile U.S. security services team where you'll serve as a key contributor, working globally with Bespin engineers and our cloud partners to build and deliver security products and services.
This is primarily a US/Canada remote role, but candidates should be located in the continental US and Canada time zones, with the ability to travel when needed.
About the Role:
As Security Automation Engineer, you will:
- Create tools that automate the analysis and detection of security events using tooling inside and outside of SOAR/SIEM/CNAPP/EDR platforms.
- Configure product and service integrations and onboard new data sources for Bespin AI security products.
- Monitor security events and respond to security incidents in client environments, working with other Bespin and partner engineers to achieve optimal customer outcomes.
- Research and implement new product and service capabilities.
What We’re Looking For:
Must-Have:
- A minimum of 5 years of experience as a Security Analyst, Security Engineer, or DevOps Engineer with significant security responsibilities.
- Practical knowledge of cloud computing architecture and infrastructure such as compute, storage, identity, and networking.
- Experience with one or more SOC/SIEM/SOAR tools and security platforms (e.g., Splunk, Chronicle, SentinelOne, Elastic Security/Kibana, SumoLogic, or CrowdStrike) that ingest network, cloud, or endpoint events.
- Solid software development and troubleshooting practices in at least one programming language (Python preferred) for security automation.
- Strong AI literacy with significant experience using ChatGPT, Claude, Gemini, or other LLMs to perform technical research, conduct security analysis, or assist with coding inside or outside an IDE.
- Significant operational experience in troubleshooting log ingestion and evaluating data sources for actionable events and IOCs across multiple layers of the application, infrastructure, identity, and network stack.
- Solid command-line experience with Linux including tools such as git, curl, jq and other command-line tools commonly used for analyzing data or working in the cloud.
- Excellent communication skills and the independence necessary to work asynchronously in a startup environment with members working across multiple international time zones.
- Authorized to work in the United States or Canada.
Nice-to-Have:
- Previous customer-facing experience in consulting or managed services.
- Deep understanding and hands-on experience with detection engineering practices including alert versioning, tuning, and testing.
- Experience using AI to accelerate software development (Claude Code, Gemini, Codex, etc.) using the latest approaches.
- Experience operating and deploying third-party cloud security SaaS tools (Wiz, Orca, CrowdStrike, Prisma Cloud, Tenable, etc.) or native tools such as KMS, GuardDuty, IAM, Google Security Command Center, etc.
- Experience using Terraform or other IaC tools to implement and enforce cloud security best practices.
- Fluency with collaborative development practices (branching, tagging, code review) using git and application deployment processes in the cloud.
- Strong data engineering skills and experience building and running high-volume event ingestion pipelines with tools such as Cribl, Bindplane, or Vector.
- Experience with one or more agent frameworks (Crew AI, Pydantic, LangChain, Agno, Google ADK, etc.) with a focus on security automation use cases.
- Google Cloud certification (e.g., Professional Cloud Security Engineer) or equivalent experience, with AWS or Azure security certifications. Additional security certifications (Security+, GCIH, CEH, CISSP).
Ready to shape the future of cloud and data for some of the most exciting companies in the world?
Apply today and bring your expertise to Bespin Global.