Join Lilly’s Security Architecture and Engineering team as a Security Automation Engineer who builds security tools and automations and partners with development teams.
What You’ll Be Doing
- Design and write automated workflows and internal tooling to streamline security workflows (triage/reporting, evidence gathering, scan orchestration, and repetitive review tasks).
- Build integrations across the security stack (scanners, ticketing, source control, cloud, and asset systems).
- Replace manual/repetitive work with reliable, well-documented automation.
- Stand up and improve pipelines/services for reliability and maintainability.
- Prototype quickly using modern tooling, including AI coding assistants, then harden working solutions.
- Work independently on ambiguous problems end-to-end.
- Pair with developers to remediate vulnerabilities and explain fixes.
- Translate security findings/standards/threat models into actionable guidance.
- Share tools and patterns to enable secure-by-default practices.
How You’ll Succeed / Qualifications
- Strong general-purpose programming; automate repetitive work.
- Experience building integrations/services/scripts/internal tools.
- Experience automating/orchestrating security or DevOps tooling (scanners, pipelines, ticketing, cloud APIs).
- Ability to deliver solutions with minimal direction.
- Comfort using AI coding assistants (e.g., Claude Code) to prototype/ship.
- Comfort partnering/coaching developers.
- Familiarity with app security fundamentals (OWASP Top 10, CWE, secure coding, threat modeling).
- Experience interpreting/remediating findings from SAST/DAST/SCA/secret scanning.
- Working knowledge of modern CI/CD and cloud environments.
- Preferred certs (CSSLP, GIAC GWEB/GSSP, OSCP) but not required.
Basic Requirements
- High School Diploma/GED.
- At least 1 year professional software development contributing to production systems.
- Production coding experience in Python, TypeScript/JavaScript, Java, Go, or C# (not only advisory/review/scripting).
- Experience building automation/integrations/internal tooling.
- Authorization to work in the United States full-time (no visa sponsorship).
Application/Additional Info
- Bachelor’s in CS/InfoSec/Software Eng or related preferred.
- 5–10% travel.
- Hybrid in Indianapolis, IN (3 onsite/2 remote); fully remote may be considered based on business needs.