Lead security automation strategy, standards, and implementation across cloud, DevSecOps, and GRC engineering domains
Design and implement automated controls, continuous monitoring, and evidence collection aligned to NIST, PCI, and SOX requirements
Build and enhance secure CI/CD pipelines using GitHub and CircleCI for both traditional developers and emerging AI-enabled developer communities
Implement Infrastructure as Code with Terraform and configuration management with Ansible to improve consistency, security, and scale
Develop automation to improve operational security, detection, and response efficiency using platforms such as CrowdStrike, CrowdStrike SIEM, GitHub Advanced Security, Qualys, and Netskope
Design and implement container and Kubernetes (EKS) security controls including image scanning and runtime protection
Develop automation for secrets management and least-privilege identity enforcement
Enhance observability and security telemetry pipelines to improve detection and response
Support incident response automation, playbooks, and post-incident analysis
Apply threat modeling and risk-based design principles to security automation solutions
Integrate security findings, policy checks, code scanning, vulnerability data, and cloud controls into orchestrated engineering workflows
Leverage AI-assisted development, intelligent automation, and developer guardrails where appropriate to improve engineering speed and security outcomes
Partner with Infrastructure, Cloud, Cybersecurity, and Application teams to establish reusable automation patterns and self-service capabilities
Requirements
3+ years of experience in DevSecOps, Security Engineering, or a related space, with a passion for building secure, scalable systems
Strong Python skills and hands-on experience working with GitHub, CI/CD pipelines, and automation; you're someone who loves to streamline and improve how things get done
Experience working in AWS environments, using tools like Terraform, and building secure-by-design infrastructure and application pipelines
A track record of automating security, compliance, or operational processes to improve efficiency and reduce risk
Familiarity with containerization and orchestration tools like Docker and Kubernetes (EKS is a plus)
Experience implementing application security practices (SAST, DAST, SCA) and integrating them into the development lifecycle
Solid understanding of identity, secrets management, and modern security best practices
Exposure to observability, logging, and security telemetry; you know how to make systems visible and actionable
Experience with threat modeling or thinking through systems from a risk-based security perspective
Working knowledge of security and compliance frameworks (NIST, PCI, SOX, or similar)
Ability to collaborate across teams and influence technical decisions; you're comfortable working with engineers, product, and leadership
Experience securing APIs and microservices architectures
Industry certifications like AWS Security Specialty, CISSP, CISM, or CKS
Experience with tools like Ansible, policy-as-code frameworks, or SOAR platforms
Familiarity with security tools such as GitHub Ad
Additional Information
Ready to make your next big professional move? Join us on our journey to achieve our big dream of building the most loved restaurant brands in the world.
Restaurant Brands International Inc. is one of the world's largest quick service restaurant companies with nearly $45 billion in annual system-wide sales and over 32,000 restaurants in more than 120 countries and territories.
RBI owns four of the world's most prominent and iconic quick service restaurant brands - TIM HORTONS®, BURGER KING®, POPEYES®, and FIREHOUSE SUBS®. These independently operated brands have been serving their respective guests, franchisees and communities for decades. Through its Restaurant Brands for Good framework, RBI is improving sustainable outcomes related to its food, the planet, and people and communities.
RBI is committed to growing the TIM HORTONS®, BURGER KING®, POPEYES® and FIREHOUSE SUBS® brands by leveraging their respective core values, employee and franchisee relationships, and long track records of community support. Each brand benefits from the global scale and shared best practices that come from ownership by Restaurant Brands International Inc.
We are seeking a Lead Automation Engineer to lead the design, standardization, and scaling of automation across our cybersecurity and compliance ecosystem. This role serves as a hands-on technical leader responsible for building secure pipelines, enabling continuous monitoring, and improving operational security and efficiency across a global enterprise.
RBI follows a 5-day, in-office work schedule to support collaboration. Candidates should be comfortable working onsite 5 days per week out of our office in Miami, FL.