Security Automation Lead

A Career with Point72’s Technology Team

As Point72 reimagines the future of investing, our Technology team is constantly evolving our firm’s IT infrastructure and engineering capabilities, positioning us at the forefront of a rapidly evolving technology landscape. We’re a team of experts who experiment and work to discover new ways to harness open-source solutions, modern cloud architectures, and sophisticated Artificial Intelligence (AI) solutions, while embracing enterprise agile methodologies. Our commitment to building and innovating in the AI space provides the framework intended to drive smarter decision making and enhance how we build and operate our platforms and applications.

As a member of Point72’s Technology team, we encourage and support your professional development from day one—helping you advance your technical skills, contribute innovative ideas, and satisfy your own intellectual curiosity—all while delivering real business impact for our multi-billion-dollar global business.

What you’ll do

Lead the design and operation of a single, auditable security automation pipeline where security controls are authored, reviewed, validated, and deployed

Build drift reconciliation and validation engines that detect and remediate divergence across endpoint, identity, cloud, and vulnerability management domains

• Replace manual console operations with version-controlled, auditable automation built on infrastructure-as-code and configuration management platforms


• Implement and scale infrastructure-as-code deployment patterns and reusable automation components that accelerate delivery of security controls across teams


• Build and maintain continuous integration and continuous deployment pipelines with automated linting, policy-as-code checks, pre-deployment validation gates, and promotion workflows


• Design observability and monitoring pipelines that surface drift, control failures, and deployment health across environments and enable rapid incident detection and response


• Instrument container and Kubernetes security workflows, including image scanning, admission control, runtime policy enforcement, and namespace isolation, to harden cloud-native workloads


• Run the team's sprint cycle with a single backlog, two-week cadence, clear Definition of Done, controlled intake of unplanned work, and disciplined capacity planning


• Integrate automation with existing security and infrastructure tooling while driving the transition from contractor-delivered manual work to engineering-owned automation


• Define, track, and report operational metrics such as toil reduction, bypass rate, change failure rate, drift detection and remediation time, and sprint predictability, using those metrics to drive continuous improvement and postmortems

What’s required

• Demonstrated experience building and operating security automation pipelines in production environments, including continuous integration and continuous deployment systems, infrastructure-as-code, configuration management, and scripting in PowerShell, Python, or Bash


• Hands-on experience using Terraform, CloudFormation, or Pulumi for infrastructure provisioning and policy enforcement at scale


• Proven experience building and operating CI/CD pipelines in GitHub Actions, GitLab CI, Jenkins, or equivalent, including branching strategies, automated testing, and promotion workflows


• Working knowledge of container orchestration platforms, including Kubernetes cluster operations, Helm chart management, image lifecycle, and admission controller integration


• Experience designing and operating observability stacks using tools such as Prometheus, Grafana, Datadog, or Splunk for infrastructure and security telemetry, alerting, and dashboarding


• Familiarity with policy-as-code frameworks such as Open Policy Agent—including Rego—Sentinel, or Cedar for automated compliance and guardrail enforcement


• Direct people management experience with responsibility for hiring, coaching, development, and accountability to delivery commitments


• Demonstrated experience operating in sprint discipline with ownership of backlog prioritization, capacity planning, and Definition of Done enforcement


• Working knowledge of enterprise security tooling across endpoint detection and response, mobile device management, identity providers, security information and event management, and vulnerability management platforms.


• Commitment to the highest ethical standards

We take care of our people

We invest in our people, their careers, their health, and their well-being. When you work here, we provide:

• Fully-paid health care benefits


• Generous parental and family leave policies


• Volunteer opportunities


• Support for employee-led affinity groups representing women, people of color and the LGBT+ community


• Mental and physical wellness programs


• Tuition assistance


• A 401(k) savings program with an employer match and more

About Point72

Point72 is a leading global alternative investment firm led by Steven A. Cohen. Building on more than 30 years of investing experience, Point72 seeks to deliver superior returns for its investors through fundamental and systematic investing strategies across asset classes and geographies. We aim to attract and retain the industry’s brightest talent by cultivating an investor-led culture and committing to our people’s long-term growth. For more information, visit https://point72.com/.

The annual base salary range for this role is $250,000-$350,000 (USD), which does not include discretionary bonus compensation or our comprehensive benefits package. Actual compensation offered to the successful candidate may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level, among other things.