Senior SOAR Engineer

Apavo Corporation, Arlington, VA (posted 20h ago)

About The Position

The Senior SOAR Engineer fills a critical, mission-focused role by designing, implementing, and optimizing Security Orchestration, Automation, and Response (SOAR) capabilities that strengthen cyber defense operations. The role leads the development of automated workflows, playbooks, and integrations that improve incident response efficiency, reduce analyst workload, and improve overall security posture. The Senior SOAR Engineer works closely with Security Operations Center (SOC) analysts, threat intelligence, engineering, and system owners to integrate automation cleanly into the existing security architecture.

In this role, you are expected to provide senior-level technical expertise in automation strategy, orchestration design, and response optimization. The Senior SOAR Engineer drives continuous improvement of incident response processes by aligning automation initiatives with industry best practices, federal security standards, and mission requirements. This includes ensuring that automation frameworks support compliance obligations, improve visibility across enterprise systems, and deliver measurable operational impact while remaining aligned with organizational cybersecurity objectives.

Requirements

  • Bachelor's degree in Information Technology, Cybersecurity, or a related field.
  • 8+ years of professional experience in cybersecurity, with at least 5 years dedicated to SOAR engineering or security automation, including 3+ years working in a classified, air-gapped environment and 2+ years in a technical leadership role.
  • DoD Top Secret clearance with the ability to obtain SCI access and pass a CI polygraph.
  • IAT Level III or higher certification required.
  • At least one of the following certifications is preferred: PCAP, PCPP, PCCSE, GCIH, GSOC, GMON, GCIA, GCDA, GCFA, or GCTI.
  • At least one platform-specific SOAR certification (XSOAR, Splunk SOAR, or Microsoft Sentinel) is preferred.
  • Strong hands-on experience with at least one major SOAR platform (e.g., Palo Alto XSOAR, Splunk SOAR, IBM SOAR, Swimlane, Tines, or Microsoft Sentinel with Logic Apps).
  • Proficiency in Python for automation and integrations.
  • Deep understanding of system architecture, data structures, and algorithms.
  • Strong understanding of SOC operations, detection engineering, and IR processes.
  • Experience working with REST APIs, webhooks, JSON, YAML, and automation frameworks.
  • Advanced troubleshooting and problem-solving across complex enterprise networks.
  • Knowledge of classified/unclassified government network requirements, NIST, DISA STIGs, and other cybersecurity frameworks.
  • Effective collaboration with cross-functional teams, including security, systems engineering, and program management.
  • Experience with multiple operating systems (Windows, Linux, and macOS).
  • Deep understanding of common security technologies (EDR, SIEM, firewalls, TIPs, IAM, cloud security).
  • Strong understanding of vulnerability management requirements, STIG hardening of systems, RMF, and the ATO life cycle.
  • Familiarity with DevOps/GitOps tools (Git, CI/CD pipelines).
  • Familiarity with SIEM, SOAR, and XDR solutions (XSOAR, Swimlane, Splunk, Cortex XDR, QRadar, etc.).
  • Experience with cloud platforms (AWS, Azure, GCP) and cloud automation.
  • Scripting proficiency beyond Python (PowerShell, Bash).

Responsibilities

  • Serve as the primary architect and technical expert for SOAR technologies (e.g., Palo Alto XSOAR, Splunk SOAR, IBM SOAR, Microsoft Sentinel automation).
  • Lead design and development of new SOAR playbooks, integrations, automation, and workflows.
  • Maintain platform health, performance, scalability, and high availability.
  • Collaborate with cross-functional teams to translate business requirements into technical specifications.
  • Implement best practices for automation governance, version control, and deployment processes.
  • Mentor, support, and guide engineers through code reviews, technical discussions, and career development.
  • Build and optimize automated solutions for incident triage, enrichment, containment, remediation, and reporting.
  • Develop custom connectors and integrations via APIs, Python scripting, or vendor SDKs.
  • Identify repetitive SOC tasks and convert them into automation opportunities.
  • Ensure automations meet security, compliance, and operational requirements.
  • Enhance IR workflows with automated threat intelligence, vulnerability data, and detection signals.
  • Troubleshoot automation failures, workflow issues, and data ingestion problems.
  • Support major incident response activities by leveraging SOAR-driven orchestrations.
  • Other duties as assigned, including support of corporate cybersecurity services; additional details are governed by company policy.