Security Consultant (SOAR) - Contract - Columbia, SC Remote
Security Consultant (SOAR)
Location: Remote
Interview Process: 1 round, Virtual/Online - potential for a 2nd round onsite as needed
Duration: 12 Months
Employment Type: Contract
Experience Required: 08+ Years
Candidate Location: No SC residency required. Open to nationwide candidates.
Project Scope:
Seeking an experienced Security Consultant to serve as a Security Orchestration, Automation, and Response (SOAR) Engineer within an enterprise Information Security organization. This role will focus on designing, developing, and optimizing security automation workflows, playbooks, and integrations across the enterprise security ecosystem.
The consultant will be responsible for enhancing the organization's SOAR platform capabilities by automating security operations, improving incident response efficiency, and integrating security tools such as SIEM, EDR, firewalls, and other security technologies. This role will also collaborate closely with internal security teams and external stakeholders to drive adoption of centralized security services and improve operational effectiveness.
Key Responsibilities:
SOAR Platform Engineering & Administration
Design, develop, implement, and maintain automation workflows within the enterprise SOAR platform
Build and optimize security orchestration playbooks for incident detection, triage, investigation, and response
Continuously improve existing automations to enhance efficiency, scalability, and response times
Administer and maintain SOAR platform configurations, workflows, and integrations
Automation Development & Optimization
Develop automated response workflows for security alerts and incidents
Create logic-driven playbooks to reduce manual intervention and accelerate remediation
Identify opportunities to automate repetitive security operations tasks
Optimize existing automation processes for performance, reliability, and operational effectiveness
Integration Engineering
Build and maintain integrations between the SOAR platform and enterprise security tools, including:
SIEM platforms
Endpoint Detection and Response (EDR) solutions
Firewalls
Threat intelligence platforms
Ticketing and case management systems
Develop and maintain API-based integrations with internal and external systems
Custom Scripting & Development
Develop custom scripts and connectors when out-of-the-box integrations do not meet business requirements
Utilize scripting languages such as Python, PowerShell, or Bash to extend SOAR functionality
Create reusable automation modules and supporting utilities
Ensure code quality, maintainability, and adherence to security best practices
Security Operations Support
Collaborate with Security Operations Center (SOC), Incident Response (IR), and Engineering teams
Support incident investigation, response, and remediation activities through automation
Enhance security monitoring and response capabilities through improved workflows
Assist in operationalizing new security use cases and response procedures
Documentation & Knowledge Management
Develop and maintain comprehensive documentation for:
Playbooks
Runbooks
Integration configurations
Troubleshooting procedures
Standard operating procedures
Ensure documentation is current, accurate, and accessible
Stakeholder Engagement & Collaboration
Engage directly with internal teams and external stakeholders to understand requirements
Support adoption of centralized security services across multiple organizations or agencies
Provide technical guidance, training, and best practices related to SOAR capabilities
Deliver excellent customer service and communication in stakeholder-facing interactions
Reporting & Dashboard Development
Design and maintain operational dashboards and reporting metrics
Develop reports to measure automation effectiveness, incident response improvements, and platform utilization
Provide insights into security operations performance and trends
Required Skills & Experience:
· 5+ years of experience with SOAR platforms or security automation solutions
· 8+ years of experience in security architecture may be substituted in lieu of education
· 5+ years of experience supporting large enterprise IT environments or system deployments
· Strong hands-on experience with automation platform design, implementation, and administration
· Experience with REST APIs, JSON, and YAML
· Experience with scripting and automation (Python, Bash, PowerShell, or similar)
· Familiarity with the MITRE ATT&CK framework
· Experience working in multi-tenant environments; multi-agency or enterprise service projects
Preferred Skills:
· Hands-on experience with Cortex XSOAR
· Experience developing advanced security automation playbooks
· Knowledge of SIEM, EDR, and threat intelligence integrations
· Experience supporting enterprise incident response and SOC operations
· Experience creating dashboards and operational reporting
· Prior experience in public sector, multi-agency, or large enterprise service environments
Education:
Bachelor’s degree in Information Technology, Information Security, Computer Science, or related field
Preferred Certifications:
CISSP (Certified Information Systems Security Professional)
CISA (Certified Information Systems Auditor)
CISM or equivalent advanced security certification
CEH, OSCP, GPEN, or similar cybersecurity certifications
Vendor-specific certifications in SOAR or automation platforms