SITEC - Automation Engineer - MacDill AFB

About The Position

Requirements

• Min 12 years with HS degree, 10 years with AS/AA degree, 8 years with BS/BA, 6 years with MS/MA
• DoD 8570 IAT II Certification
• DoD TS/SCI clearance

Nice To Haves

• Previous experience operating within Department of War (DoW) or DoD enterprise network environments.
• Familiarity with CI/CD pipelines, DevOps practices, and version control systems (e.g., Git) for managing automation code.
• Experience with SIEM engineering, log management, and EDR/XDR technologies (e.g., Splunk Enterprise Security, CrowdStrike).
• Experience with cloud-native automation tools (e.g., AWS Lambda, Azure Logic Apps).

Responsibilities

• Design, develop, test, and deploy automated workflows, playbooks, and scripts to support cyber incident triage, investigation, and remediation.
• Administer and engineer enterprise SOAR platforms, including architecture planning, system health monitoring, and version upgrades.
• Develop custom API integrations (REST/SOAP) to connect the SOAR platform with a wide array of internal and external security tools, Threat Intelligence Platforms (TIPs), and IT service management systems.
• Collaborate with incident responders, threat hunters, and cyber analysts to gather requirements, map out standard operating procedures (SOPs), and translate them into efficient automated processes.
• Write, maintain, and optimize custom scripts (primarily in Python, PowerShell, or Bash) for parsing data, enriching alerts, and executing response actions.
• Troubleshoot and resolve complex issues related to playbook execution errors, failed API integrations, and data ingestion bottlenecks.
• Maintain comprehensive documentation for all custom code, automation architecture, and playbook logic.
• Provide technical guidance and training to SOC personnel on utilizing automated workflows effectively.

Benefits

• Employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.