CyberSecurity Automation & AI Product Owner

Boehringer Ingelheim España, S.A.
11 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Tech stack

Computer-Aided Design
API
Artificial Intelligence
Data analysis
Azure
Computer Security
Data Governance
DevOps
JSON
Python
OAuth
Powershell
Scrum
Role-Based Access Control
Power BI
Kusto Query Language
Azure
Systems Integration
Microsoft Power Automate
Large Language Models
Mttr
Cyber Threat Analysis
Information Technology
Bicep
Machine Learning Operations
REST
Terraform
Webhooks
Security Orchestration, Automation & Response
Servicenow
Databricks

Job description

You will lead the product vision, roadmap, and delivery for our Security Automation portfolio across SOAR and ServiceNow automation, expanding it with Applied AI/Data Science use cases for SecOps. You will partner with SOC, Incident Response and Threat Intelligence teams to turn pain points into measurable outcomes: Reducing MTTA/MTTR, cutting manual effort, and improving detection and response quality.

This role also stewards capabilities towards an "autonomous SOC" model: The convergence of AI and automation that enables human-in-the-loop decisioning, policy-driven guardrails, and continuous evaluation. The focus is on building trustworthy, transparent, and measurable product capabilities.

Tasks and responsibilities

  • Own the product strategy: define the vision and portfolio-level OKRs for SOAR, ServiceNow automation, and Applied AI in SecOps; align with risk reduction, quality, and efficiency goals.
  • Shape and prioritize the roadmap and backlog across the three workstreams (SOAR, ServiceNow, AI).
  • Drive outcomes over outputs: set measurable KPIs (MTTA/MTTR reduction, automation coverage, playbook success rate, false-positive reduction, model precision/recall, cost per execution) and run quarterly reviews.
  • Lead delivery at scale: run planning cadences (PI/QBR, sprint planning, reviews, retros), define Definition of Ready/Done, ensure quality gates and release criteria, and remove impediments for the team.
  • Architecture & standards ownership: set product-level guidelines for reliability, security, observability, error handling, idempotency, and secret management; publish reusable patterns and reference designs.
  • Change management & enablement: champion adoption through documentation, runbooks, training, and internal marketing; measure usage, satisfaction, and operational impact.
  • Team leadership: mentor and grow engineers/analysts, influence hiring, establish ways of working, and foster a culture of experimentation, data-driven decisions, and continuous improvement.
  • Risk & compliance: ensure data governance, access controls, auditability, and alignment with security and privacy requirements; coordinate control mapping and evidence with GRC teams.

Requirements

Do you have experience in Terraform?, Do you have a Master's degree?, * Bachelor's/Master's in Computer Science, Engineering, Data Science, or equivalent experience.

  • Track record leading cross-functional teams to deliver security automation and AI features.
  • 5+ years in Cybersecurity/IT with 2+ years in Product Management/Ownership or Technical Program Management delivering automation and/or AI products.
  • Proven delivery with SOAR (Logic Apps/Playbooks) at scale.
  • Hands-on Applied AI/Data Science for SecOps: experience shaping use cases and partnering with data teams on NLP, anomaly detection, classification, risk scoring; strong grasp of evaluation (precision/recall/F1), drift management, model monitoring, and MLOps (e.g., Azure ML/Databricks/Synapse).
  • Solid technical fluency: Python and/or PowerShell literacy, APIs/REST, JSON, webhooks, OAuth/service principals, and event-driven patterns.
  • Demonstrated impact on MTTA/MTTR, false-positive reduction, and automation rate; metrics-driven decision making.
  • Excellent stakeholder management and communication across SOC, IR, Engineering, and leadership; ability to translate requirements into value.
  • KQL for Sentinel analytics/hunting; Microsoft Defender/EDR/XDR ecosystem; TIP integrations.
  • Microsoft cloud automation: Azure Logic Apps, Functions, Automation Accounts, Key Vault, Managed Identities, RBAC.
  • Power Automate (Graph/Defender connectors) and Power BI (product/operations dashboards).
  • Infrastructure-as-Code (ARM/Bicep/Terraform) and Zero Trust patterns.
  • ServiceNow Performance Analytics/ATF; custom spokes; ITSM/IR best practices.
  • Experience with LLM safety and guardrails (prompt security, grounded generation/RAG over runbooks and KBs, data privacy/PII).

Desired certifications, courses and training:

  • SC-100: Microsoft Cybersecurity Architect, AZ-500: Azure Security Engineer, AZ-400: DevOps Engineer Expert.
  • ServiceNow: CSA/CAD, CIS-ITSM, CIS-IntegrationHub.
  • AI/ML: Azure Data/AI certifications (e.g., DP-100) or equivalent.

Benefits & conditions

We are continuously working to design the best experience for you. Here are some examples of how we will take care of you:

  • Flexible working conditions
  • Life and accident insurance
  • Health insurance at a competitive price
  • Investment in your learning and development
  • Gym membership discounts

Apply for this position