LI

Security Automation Engineer

Job summary

Indianapolis
Engineering

Work model

Hybrid · 2 days home
2 days ago
Job description

At Lilly, the work is demanding because patients are waiting. We unite caring with discovery to help make life better for people around the world, knowing that every decision, every detail, and every day matters. Headquartered in Indianapolis, Indiana, our over 50,000 employees around the globe take on complex challenges to discover and deliver life-changing medicines, strengthen how health is understood and managed, and support the communities we serve. This is hard, urgent, selfless work---but it's work worth doing. If you're driven by purpose and ready to bring your best to work that truly matters for patients, we invite you to join us.

Join Lilly's Security Architecture and Engineering team as a builder who creates the tools and automations that power our security work, and who can roll up their sleeves with development teams when they need a hand.

Lilly's Security Architecture and Engineering team is looking for a builder. Most of your time will go to designing and writing the automations and internal tooling that make our own security workflows faster and less manual, whether that means orchestrating tools, wiring up integrations, or replacing repetitive work with reliable software. You'll also partner directly with development teams when it counts, reading their code, untangling vulnerabilities, and making security make sense in their language. You're comfortable reaching for modern tools, including AI coding assistants, to figure things out and ship quickly.

What You'll Be Doing

As a Security Automation Engineer, you will spend most of your time as a builder, designing and writing automations and internal tooling that streamline our security team's own workflows, from triage and reporting to evidence gathering, scan orchestration, and the repetitive work that slows us down. You'll also serve as a hands-on partner to software engineering teams across Lilly, helping them remediate vulnerabilities and turning findings, standards, and threat models into clear, practical guidance.

How You'll Succeed

  • Design, write, and maintain automated workflows and internal tooling to streamline the security team's workflows: triage, reporting, evidence gathering, scan orchestration, and repetitive review tasks.
  • Build integrations across the security stack (scanners, ticketing, source control, cloud, and asset systems) so information flows automatically rather than by hand.
  • Hunt down manual, repetitive work across the team and replace it with reliable, well-documented automation workflows.
  • Stand up and improve the pipelines and services the team relies on day to day, with an eye toward reliability and maintainability.
  • Prototype quickly using modern tooling, including AI coding assistants, then harden what works into durable tools.
  • Operate as a self-directed "figure it out" engineer, taking ambiguous problems end-to-end with minimal direction.
  • Partner with development teams when it counts, pairing in their codebases to remediate vulnerabilities and explaining the reasoning behind each fix.
  • Translate security findings, standards, and threat models into clear, actionable guidance tailored to each team's context.
  • Share the tools and patterns you build so teams can adopt secure-by-default practices on their own.

What You Should Bring

  • Strong general-purpose programming skills and a bias toward automating repetitive work rather than doing it by hand.
  • Experience building integrations, services, scripts, or internal tools that connect systems and remove manual steps.
  • Experience automating or orchestrating security or DevOps tooling such as scanners, pipelines, ticketing, or cloud APIs.
  • Ability to take ambiguous problems and deliver working solutions with minimal direction.
  • Comfort using AI coding assistants such as Claude Code to prototype and ship.
  • Comfort partnering with and coaching developers, explaining security clearly, and meeting teams where they are.
  • Familiarity with application security fundamentals such as the OWASP Top 10, CWE, secure coding practices, and threat modeling.
  • Experience helping teams interpret and remediate findings from SAST, DAST, SCA, or secret-scanning tools.
  • Working knowledge of modern CI/CD pipelines and cloud environments.
  • Relevant certifications (e.g., CSSLP, GIAC GWEB/GSSP, OSCP, or similar) are preferred, but not required.

Basic Requirements

  • Minimum of a High School Diploma/GED
  • At least 1 year of professional software development experience with individual contributions to production systems
  • Demonstrated production coding experience in at least one of: Python, TypeScript/JavaScript, Java, Go, or C#, not solely in an advisory, review, or scripting capacity
  • Experience building automation, integrations, or internal tooling
  • Qualified applicants must be authorized to work in the United States on a full-time basis. Lilly will not provide support for or sponsor work authorization or visas for this role.

Additional Information

  • Bachelor's Degree in Computer Science, Information Security, Software Engineering, or a related technical field preferred
  • Position requires 5-10% travel
  • Position located in Indianapolis, Indiana working in a hybrid model (three days onsite, two days remote each week)
  • Fully remote candidates may be considered based on location, role requirements and business needs

Organization Overview

Lilly IT builds and maintains capabilities using cutting edge technologies. What differentiates Lilly IT is that we redefine what's possible through tech to advance our purpose, creating medicines that make life better for people around the world.

Lilly's Information Security organization drives innovative, data-driven, and risk-based solutions that help enable and protect Lilly.

#WeAreLilly