What are the responsibilities and job description for the SOAR Engineer position at take2it?
Job Title
SOAR Engineer
Overview
We are seeking a skilled SOAR Engineer to join our team and contribute to advanced security operations and threat detection initiatives. In this role, you will develop and implement threat defense solutions, focusing on automation and artificial intelligence capabilities that enhance our security posture. Collaborating with in-house teams, you will translate customer needs into effective, secure solutions while identifying gaps and customizing approaches to balance security and business objectives. Your work will directly impact our ability to detect, respond to, and mitigate security threats efficiently and effectively.
Education Requirements
A high school diploma or GED is required. Candidates should have or be able to obtain a Security certification within nine months of starting.
Clearance Requirements
This role requires an active Secret clearance. The ability to obtain and maintain a Secret clearance is required for this opportunity.
Work Arrangement
On-Site
Responsibilities
- Develop and implement threat defense solutions with a focus on detection, automation, and AI capabilities
- Collaborate with internal teams to identify the right tools, techniques, and procedures to meet security needs
- Design and customize technical solutions to identify security threats and improve detection capabilities
- Create and automate playbooks to streamline security operations and response efforts
- Manage an inventory of integrations to support broader automation initiatives
- Develop connectors and APIs to enable end-to-end automation of security procedures
- Troubleshoot and support automation tools, including scripting and library management
- Assist in identifying gaps in security solutions and recommend improvements
- Support the integration of various cybersecurity tools and platforms into existing security workflows
- Stay current with emerging security tools and marketplace innovations to enhance automation and threat detection
Required Qualifications
- 5 years of experience in cybersecurity engineering, including network, infrastructure, applications, or systems security; security operations; SIEM; incident response; or threat intelligence
- Experience with automation applications, including designing, troubleshooting, and supporting tools like Splunk SOAR, XSOAR, or Tines
- Proficiency in programming languages such as Python and working with APIs from Palo Alto, Versa, Splunk, Elastic, and others
- Ability to produce new playbooks and automate manual security procedures based on operational needs
- Experience managing integrations and developing connectors for security tools
- Top Secret clearance
- HS diploma or GED
- Ability to obtain a Security certification within 9 months of employment
Desired Skills
- Experience with threat intelligence platforms such as ThreatQ, Analyst1, or ThreatConnect
- Familiarity with log management platforms like Splunk or ELK Stack
- Knowledge of cybersecurity tools including Cisco ISE, Forescout, BigFix, Tanium, Zscaler, Palo Alto, McAfee, Carbon Black, CrowdStrike, FireEye, and cloud security platforms
- Linux administration experience
- Understanding of network protocols such as TCP, UDP, DNS, HTTP, HTTPS, SSH, and FTP
- Certifications including Splunk or Splunk SOAR, CEH, or CISSP
Why Apply
Join a dynamic team dedicated to strengthening security operations through innovative automation and threat detection solutions. This role offers the opportunity to work on cutting-edge cybersecurity projects in a collaborative environment that values your expertise. If you are passionate about security engineering and automation, we encourage you to apply and make a meaningful impact in protecting critical assets.