SOAR Engineers

Role Description

This is a full-time hybrid role for a SOAR Engineer, located in the Washington DC-Baltimore area, with the flexibility for partial remote work. The SOAR Engineer will design, implement, and optimize SOAR solutions to automate and enhance security operations. Responsibilities include developing and maintaining scalable automation playbooks, integrating security tools (e.g., Cortex XSOAR, Splunk ES), creating workflows, and delivering technical support. Working closely with SOC teams, the engineer will help identify inefficiencies, propose streamlined solutions, and offer guidance on adopting AI-driven and automated security practices.

Qualifications

• Expertise in SOAR platforms like Cortex XSOAR or similar tools
• Proficiency in developing automation playbooks and integrating security platforms such as Splunk ES, XSIAM, or ServiceNow Security Operations
• Strong hands-on skills in programming or scripting, such as Python or JavaScript, for playbook and workflow customization
• Experience with AI-driven analytics implementations and automation concepts in a cybersecurity context
• Familiarity with industry frameworks like MITRE ATT&CK, NIST, or related compliance requirements
• Ability to collaborate with SOC teams and other stakeholders to understand operational challenges and provide tailored solutions
• Bachelor's degree in Cybersecurity, Computer Science, or a related discipline, or equivalent work experience
• Relevant certifications such as CISSP, CEH, or vendor-specific certifications (e.g., Palo Alto certifications) are a plus