SOAR Engineer
ECS Corporate Services

Fairfax, Virginia

This job has expired.


ECS is seeking a SOAR Engineer to work in our Fairfax, VA office.

Job Description:
As a leading managed cybersecurity services provider, ECS delivers a highly tailored and customized offering to each customer. Our team is responsible for protecting the ECS corporate and customer networks. Our mission is broad, and our team is agile. We will leverage your unique skills to help solve customers' challenges, such as engineering a system to address a technical hurdle, protecting customer data, or consulting on a wide range of security topics. You are empowered to engage and lead across multiple groups and must have the self-sufficiency and focus to work well without constant oversight.

Our Security Orchestration, Automation, and Response (SOAR) Engineers support our commercial customers on behalf of the ECS MSSP. They are responsible for driving the strategy, evaluation, process, execution, and operations of the SOAR Program.

Responsibilities:

  • Work closely with the Security Operations Center (SOC) and Security Engineering teams to improve existing automation and deliver resilient security solutions.
  • Install, configure, operate, and support integration of SOAR on multiple systems.
  • Assess, design, and improve SOC processes and workflows with a focus on integrating automation through Security Orchestration, Automation and Response (SOAR) tools and technologies.
  • Implement new SOC automation and ensure continued compatibility with existing detection and response tools.
  • Integrate new logging sources and build playbooks to properly triage and respond to security incidents while reducing the time needed to analyze each event.
  • Develop custom scripts to automate current detection and response workflows.
  • Analyze SOC alert statistics and workflows to reduce false positives and properly focus engineering efforts.
  • Build pipelines to enrich logs and alert results to provide a comprehensive view for SOC analysts.
  • Perform API integrations with other 3rd party vendor software.
  • Operate and help mature SOC playbooks, workflow automations, and use-cases to protect the MSSP's customers.
  • Other duties as assigned.
Required Skills:
  • Experience with Security Orchestration, Automation and Response (SOAR) tools and technologies (e.g., Swimlane, Sentinel, XSOAR/Demisto, Tines, Siemplify, Phantom, etc.)
  • Experience with Python and JavaScript languages for automation.
  • Experience with operating system internals for both Linux and Windows platforms.
  • Able to work independently with little guidance while managing competing priorities.
  • Ability to support on-site travel with customers or at ECS offices within the United States or OCONUS. Any travel will be short in duration and well-planned.
  • Possess and maintain a U.S. Passport.
  • Wear professional business attire for in-person meetings and teleconferences with internal and external organizations.
  • Other duties as assigned.
  • Ability to achieve a Secret clearance.
  • Bachelor's degree in Computer Science, Information Security, Information Systems, Engineering, or similar technical field. Will consider experience in lieu of degree for highly qualified candidates.
Desired Skills:
  • Understanding of classic and emerging threat actor tactics, techniques, and procedures in both pre- and post-exploitation phases of attack lifecycles.
  • Experience using Python for the purpose of automating security operations and incident response processes.
  • Strong understanding of security architecture, tool integration, API development and automation.
  • Deep understanding of Incident Response processes.
  • Understanding of common SOC and SOAR processes and workflows.
  • Working knowledge of network TCP/IP protocols.
  • Experience using ELK, Splunk and/or other SIEMs.
  • Security community contributions (blog posts, white papers, conference talks, tool development, etc.)
  • SANS/GIAC, OSCP or similar certifications.
  • Exceptional written and verbal communication skills.
  • Exceptional organizational skills.
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3000+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.

