SOAR Security Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Tential Solutions · 13 hours ago

SOAR Security Engineer

positionRockville, MD
timeContract
remoteOnsite
senioritySenior Level
date5+ years exp

Tential Solutions is evolving its Security Operations Center into a mature security operations program, and they are seeking an experienced SOC Engineer to provide technical vision and leadership. The role focuses on building detection capabilities, automating security responses, and creating frameworks for SOC analysts to identify and respond to threats effectively.

Human ResourcesInformation Technology
check
Growth Opportunities
check
H1B Sponsor Likelynote
Hiring Manager
Will Bartolotta
linkedin

Responsibilities

Design and implement comprehensive detection use cases aligned with the MITRE ATT&CK framework
Conduct gap analysis of current detection coverage and develop roadmap to address gaps
Build and tune correlation searches, alerts, and detection logic in Splunk Enterprise Security
Implement Risk-Based Alerting (RBA) methodologies to improve signal-to-noise ratio
Develop detection strategies for multi-cloud environments (AWS, GCP, Azure)
Continuously evaluate and improve detection effectiveness based on SOC feedback
Design and implement automated response playbooks using Splunk SOAR
Build integrations between security tools to enable automated investigation and response workflows
Develop scripts and automation (Python, Bash, PowerShell) to streamline SOC operations
Create reusable automation frameworks that scale across multiple use cases
Collaborate with platform engineering to ensure reliable automation infrastructure
Define what a mature SOC capability looks like using Splunk ES, SOAR, and supporting tools
Identify gaps and shortcomings in current SOC implementation and provide clear remediation guidance
Establish best practices, standards, and frameworks for detection engineering and response
Mentor platform engineering team on SOC-specific requirements and approaches
Contribute to long-term SOC strategy and capability development
Partner with threat intelligence and threat hunting teams to operationalize research into detections
Work with SOC analysts to understand investigation workflows and improve detection quality
Collaborate with platform engineering teams to implement and maintain SOC infrastructure
Participate in incident response activities to validate and refine detection and automation capabilities
Document detection logic, playbooks, and technical architectures

Qualification

SOC ExperienceSIEM ExpertiseDetection EngineeringMITRE ATT&CK FrameworkSecurity AutomationScriptingCloud SecurityAnalytical MindsetSplunk SOARRisk-Based AlertingThreat huntingInfrastructure automationRelevant certifications

Required

SOC Experience: 5+ years in a Security Operations Center environment with exposure to mature SOC operations and best practices
SIEM Expertise: Hands-on experience with Splunk Enterprise Security or comparable enterprise SIEM platforms (building correlation searches, alerts, dashboards, and ES-specific frameworks)
Detection Engineering: Proven experience developing security detections, use cases, and alert tuning methodologies
MITRE ATT&CK Framework: Practical application of MITRE ATT&CK for detection coverage mapping and gap analysis
Security Automation: Experience building automated response workflows and playbooks (SOAR platforms preferred)
Scripting: Strong proficiency in Python, PowerShell, or Bash for automation and integration development
Cloud Security: Understanding of cloud security monitoring and detection across AWS, GCP, and Azure environments
Analytical Mindset: Ability to identify gaps, define clear vision for improvement, and guide teams toward maturity

Preferred

Splunk SOAR (Phantom) hands-on experience
Splunk UEBA or behavioral analytics platform experience
Risk-Based Alerting (RBA) implementation experience
Threat hunting background with detection engineering application
Infrastructure automation and CI/CD pipeline knowledge
Experience mentoring or leading detection engineering teams
Relevant certifications (GIAC, CISSP, or similar)

Company

Tential Solutions

twittertwittertwitter
company-logo
We put people first. We’re your trusted partner - empowering you with top talent and solutions to stay competitive in today’s dynamic market.
dateFounded in 2003
location
Annapolis, Maryland, USA
people-size501-1000 employees
web-link
https://www.tential.com

H1B Sponsorship

Tential Solutions has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2024 (2)
2023 (1)
2022 (3)
2020 (11)

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Shane Ireland
Chief Executive Officer
linkedin
leader-logo
Quinn Salamandra
Co-Founder
linkedin

Recent News

Australian Financial Review
PE giant EQT pays $250m for Potentia’s NewBook; 6.5 times money
2024-05-02
Business Journals
IT company Tential Solutions set to open first Carolinas office in Charlotte
2024-04-12
Company data provided by crunchbase