Job Requirements
Washington, DC
Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Job Description
Description:
Hybrid 2 Days Onsite/3 Days Remote in Washington, DC
Our client seeks an Automation / SOAR Engineer to design, develop, and implement automation solutions within a federal cybersecurity operations environment. The role focuses on building SOAR playbooks, automating incident response workflows, and integrating security tools to improve detection and response efficiency. The ideal candidate has hands-on experience in SOC environments with scripting, systems integration, and process optimization.
Due to client requirements, applicants must be willing and able to work on a W-2 basis. For our W-2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.
Rate: $75.00 to $80.00/hr. W-2
Responsibilities:
- Design, develop, and maintain SOAR playbooks and automation workflows.
- Automate incident response processes including alert triage, enrichment, and remediation actions.
- Integrate SOAR platforms with SIEM, ticketing, EDR/XDR, and cloud security tools.
- Develop scripts to support automation and tool integration using languages such as Python or PowerShell.
- Enhance and streamline security operations processes through automation.
- Collaborate with SOC analysts, engineers, and incident response teams to identify automation opportunities.
- Support alert enrichment, correlation, and response orchestration across security tools.
- Maintain and optimize automation pipelines to improve operational efficiency and reduce manual effort.
- Document playbooks, workflows, and automation procedures.
- Support reporting and metrics related to automation effectiveness and SOC performance.
Experience Requirements:
- 5+ years of experience in cybersecurity, automation engineering, or SOC environments.
- Hands-on experience with SOAR playbook development or automation engineering.
- Experience with incident response workflow automation.
- Integration experience with SIEM, ticketing, EDR/XDR, or cloud security tools.
- Scripting or automation using Python, PowerShell, or similar.
- Security process improvement experience.
- Strong understanding of SOC workflows and the incident response lifecycle.
- Experience working in 24x7 cybersecurity operations environments.
- Experience with tools such as Splunk, Microsoft Sentinel, Microsoft Defender, Rapid7 InsightVM, Veracode, Jira, Confluence, AWS, Azure, Okta, Entra ID/Entra PIM, Intune, Device42, Microsoft Purview, Appian, and Oracle in hybrid environments.
- Preferred: experience supporting federal agencies or regulated environments, familiarity with detection engineering and alert tuning, experience integrating automation into Zero Trust or enterprise security architectures, knowledge of scripting frameworks, REST APIs, and orchestration patterns, and relevant certifications such as Splunk, Microsoft Security, SOAR-related certifications, Security+, or CySA+.