Haleon
Detection & Automation Lead
“Detection & Automation Lead at Haleon. Skills: SOAR, Detection engineering, Automation. Design automation workflows. Develop automation workflows”
What You'll Achieve.
Reduce false positives; Improve signal quality; Continuously optimising playbooks; Continuously improving detection coverage
Industry & Context.
Troubleshoot failed executions; Troubleshoot API connectivity issues; Resolve automation workflow issues; Resolve integration issues; Analytical skills; Problem-solving skills
What They're Looking For.
Must Have
Three years experience in security operations, Three years experience in detection engineering, Three years experience in SOAR development, Understanding of log sources, Hands-on experience with SIEM platforms, Familiarity with EDR/XDR tools, Programming / scripting skills, Experience with SOAR platforms, Experience with REST APIs, Experience with system integrations
Nice to Have
Bachelor’s degree in Computer Science, Bachelor’s degree in Cyber Security, Equivalent experience to Bachelor's degree, Knowledge of DevOps practices, Knowledge of CI/CD pipelines, Familiarity with MITRE ATT&CK framework, Experience with containerisation, Ability to communicate complex problems succinctly, Knowledge of query languages, Understanding of attacker tactics, Understanding of attacker techniques, Understanding of attacker procedures, Attention to detail, Quality of detection logic, Ability to balance detection fidelity, Ability to balance operational efficiency, Experience with scripting, Experience with automation, Knowledge of cloud security monitoring, Familiarity with detection engineering methodologies, Familiarity with detection-as-code, Ability to work within a team environment, Sharing workload and responsibility, Analytical skills, Problem-solving skills
What You'll Do.
Design automation workflows
Develop automation workflows
Maintain automation workflows
Design detection capabilities
Develop detection capabilities
Maintain detection capabilities
Identify cyber threats
Enhance cyber security response
Design SOAR playbooks
Develop SOAR playbooks
Maintain SOAR playbooks
Automate security incident detection
Automate security incident response
Design detection rules
Develop detection rules
Maintain detection rules
Integrate security tools
Collaborate with SOC analysts
Collaborate with incident responders
Identify automation opportunities
Improve playbook performance
Improve playbook accuracy
Monitor automation pipelines
Troubleshoot failed executions
Troubleshoot API connectivity issues
Resolve automation workflow issues
Resolve integration issues
Document technical configurations
Follow security best practices
Stay up to date with threats
Stay up to date with technologies
Stay up to date with automation techniques
Identify suspicious activity
Identify detection opportunities
Improve detection coverage
Reduce false positives
Improve signal quality
Collaborate with security operations analysts
Validate detection logic
Refine detection logic
Translate threat intelligence
Develop detection-as-code practices
Support incident response
Create rapid detections
Map detections to frameworks
Ensure detection coverage
Recommend monitoring improvements
Work with Security Operations
Work with Threat Intelligence
Work with Incident Response teams
Detect threats quickly
Detect threats accurately
How You'll Work.
Team & Collaboration
Collaborating with SOC analysts; Collaborating with incident responders; Collaborating with security operations analysts; Working closely with Security Operations; Working closely with Threat Intelligence; Working closely with Incident Response teams; Work within a team environment
Communication Scope
Communicate complex problems
Full Job Description
Welcome to Haleon. We’re a purpose-driven, world-class consumer company putting everyday health in the hands of millions. In just three years since our launch, we’ve grown, evolved and are now entering an exciting new chapter – one filled with bold ambitions and enormous opportunity. Our trusted portfolio of brands – including Sensodyne®, Panadol®, Advil®, Voltaren®, Theraflu®, Otrivin®, and Centrum® – lead in resilient and growing categories. What sets us apart is our unique blend of deep human understanding and trusted science. Now it’s time to fully realise the full potential of our business and our people. We do this through our Win as One strategy. It puts our purpose – to deliver better everyday health with humanity – at the heart of everything we do. It unites us, inspires us, and challenges us to be better every day, driven by our agile, performance-focused culture.

**About the role**

This position is critical to protecting Haleon’s corporate assets and managing its day-to-day operational cyber security defences. It involves leading a team responsible for the design, development and maintenance of automation workflows and detection capabilities to identify cyber threats at the earliest opportunity and enhance the company’s cyber security response.

**Responsibilities:**

The post holder will have overall responsibility within the company for:

* Designing, developing and maintaining SOAR playbooks to automate security incident detection and response.
* Designing, developing and maintaining detection rules and use cases across SIEM, EDR, and other security platforms.
* Integrating various security tools (SIEM, EDR, threat intelligence platforms, ticketing systems) into SOAR platforms.
* Collaborating with SOC analysts and incident responders to identify automation opportunities.
* Developing and maintaining APIs, scripts, and connectors for system integration.
* Continuously optimising and improving existing playbooks for performance and accuracy.
* Monitoring th
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.