ZipRecruiter

Log In

1

Siem Soar Developer Jobs (NOW HIRING)

BreakPoint Labs

SIEM/SOAR Engineer

Charleston, SC · On-site

$115K - $120K/yr

BreakPoint Labs is seeking a SIEM/SOAR Engineer to manage and maintain the CSSP's Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR ...

SmartIPlace

SIEM/SOAR Engineer[Onsite]

Tampa, FL · On-site

SIEM/SOAR Security Engineer Visa: USC, GC, GC-EAD, H4-EAD Interview: Video Mode: Onsite Work Location: Jersey City, NJ / Tampa, FL / Tempe, AZ Work location : Must work onsite for 4 days and 1 day ...

CGI Inc.

SIEM/SOAR Engineer

Knoxville, TN · On-site

SIEM/SOAR Engineer Category: Cyber Security Main location: United States, Tennessee, Knoxville Position ID:J0526-1361 Employment Type: Full Time U.S. - CGI Federal roles - What we do matters By ...

Purple Drive Technologies

Sr. SIEM & SOAR LEAD

Tampa, FL · On-site

$52.25 - $71.50/hr

Design and implement various engineering solutions by working with other stakeholders. Leverage industry trends and market research to adopt the best practices to enhance the SIEM and SOAR platforms.

next page

Showing results 1-20

All JobsSiem Soar Developer Jobs

Siem Soar Developer information

See salary details

$17

$52

$81

How much do siem soar developer jobs pay per hour?

As of Jun 18, 2026, the average hourly pay for siem soar developer in the United States is $52.84, according to ZipRecruiter salary data. Most workers in this role earn between $40.38 and $64.66 per hour, depending on experience, location, and employer.

What are SIEM SOAR Developers?

SIEM SOAR Developers are IT professionals who specialize in designing, implementing, and maintaining Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) systems. They build solutions that help organizations detect, analyze, and respond to cybersecurity threats by integrating automated workflows and advanced analytics. These developers often work closely with security teams to customize SIEM and SOAR platforms, automate incident response tasks, and ensure security tools work together efficiently. Their work is crucial for improving response times and reducing the impact of security incidents.

What are the key skills and qualifications needed to thrive as a SIEM SOAR Developer, and why are they important?

To thrive as a SIEM SOAR Developer, you need a strong background in cybersecurity, scripting/programming (such as Python or JavaScript), and experience with SIEM and SOAR platforms like Splunk, IBM QRadar, or Palo Alto Cortex XSOAR. Familiarity with security event monitoring tools, incident response processes, and relevant certifications (e.g., Splunk Certified, GIAC, or CompTIA Security+) is often required. Problem-solving, analytical thinking, and effective communication are crucial soft skills for designing automations and collaborating with security teams. These skills ensure the effective detection, analysis, and automated response to threats, helping organizations strengthen their security posture.

What are some common challenges faced by SIEM SOAR Developers when integrating new data sources or security tools?

SIEM SOAR Developers often encounter challenges when integrating new data sources or security tools, such as dealing with inconsistent log formats, ensuring data normalization, and maintaining compatibility across diverse systems. Additionally, developers must carefully manage access controls and automation scripts to avoid introducing security gaps. Successful integration typically requires strong collaboration with security analysts and IT teams to understand data flows and ensure that integrations align with organizational security policies.

What is the difference between Siem Soar Developer vs Siem Analyst?

AspectSiem Soar DeveloperSiem Analyst
Primary RoleDesigning, developing, and customizing SOAR playbooks and automation workflowsMonitoring, analyzing, and responding to security alerts within SIEM systems
Skills & CertificationsSIEM/SOAR platform expertise, scripting, security certifications (e.g., CISSP, CEH)SIEM platform knowledge, incident response, security certifications
Work EnvironmentSecurity operations centers, cybersecurity teams, development environmentsSecurity operations centers, incident response teams

While both roles work within cybersecurity and SIEM tools, Siem Soar Developers focus on creating automation and integrations using SOAR platforms, whereas Siem Analysts primarily monitor and analyze security alerts to respond to threats.

SIEM/SOAR Engineer

SIEM/SOAR Engineer

Valiant Solutions, LLC

Charleston, SC • On-site

Full-time

Posted 19 days ago

Job description

Position Description
Valiant Solutions is seeking a Secret-cleared SIEM/SOAR Engineer to join our rapidly growing and innovative cybersecurity team!
SIEM/SOAR Engineer to manage and maintain the CSSP's Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms. This role is responsible for administering an enterprise Elastic cluster while ensuring the performance, availability, and security of these critical systems. The engineer will leverage strong communication, analytical, and problem-solving skills to identify, communicate, and resolve issues, ultimately maximizing the effectiveness and value of CSSP security system investments.
Named one of the Best Places to Work in the Washington DC area for 12 consecutive years, Valiant is proud of our employee-centric culture and commitment to excellence. If you are interested in learning more about Valiant and this opportunity, we invite you to apply now!
Location: Onsite in Charleston, SC.
Clearance Required: Active Secret
Education Requirement: Bachelor's Degree in related field.
Certification Required: DoD 8570 IAT Level II and DoD 8140 CSSP Auditor compliant
Required Experience:
  • Minimum of 3 years of experience in maintaining an enterprise Elastic cluster.
  • Proficiency in managing and maintaining SIEM and SOAR solutions.
  • Experience with Elasticsearch Enterprise (including Logstash and Kibana) for SIEM operations.
  • Understanding of security event and incident management processes.
  • Knowledge of scripting languages (e.g., Python, PowerShell) for automation and integration.
  • Experience with threat detection and response methodologies.
  • Extensive experience with Linux Administration of RHEL Operating Systems.
  • Strong experience with networking protocols, solutions, and methodologies.
  • Excellent troubleshooting and problem-solving skills.
  • Strong documentation skills.
  • Strong communication and interpersonal skills.
  • Ability to work in a team-oriented, collaborative environment.
  • Ability to prioritize and execute tasks in a high-pressure environment.
  • Available for on-call after-hours rotational support as needed.

Responsibilities:
  • Design, implement, and maintain the SIEM and SOAR infrastructure (Elastic and Splunk).
  • Manage and maintain an enterprise Elastic cluster to support SIEM operations for the CSSP.
  • Monitor and analyze security events and incidents to protect information assets.
  • Assist in the develop and maintain use cases, rules, and alerts for threat detection and response.
  • Integrate SIEM and SOAR systems with other security tools and data sources.
  • Automate security operations workflows and incident response procedures using SOAR platforms.
  • Perform regular system monitoring and health checks to ensure the integrity and availability of SIEM and SOAR systems.
  • Conduct performance tuning, capacity planning, and scalability assessments for SIEM and SOAR solutions.
  • Implement and manage data ingestion pipelines for security event data.
  • Perform regular updates, patches, and upgrades for SIEM and SOAR systems.
  • Create and maintain documentation for system configurations, processes, and standard operating procedures.
  • Collaborate with security analysts, operations analysts, incident responders, and other CSSP teams to ensure effective use of SIEM and SOAR capabilities.
  • Provide guidance and support to operations analysts on the use of SIEM and SOAR tools.
  • Stay updated with the latest trends, tools, and best practices in SIEM and SOAR technologies.
  • Conduct research and recommend improvements to enhance the effectiveness of the SIEM and SOAR solutions.

Equal Employment Opportunity
Valiant Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, genetic information, marital status, or veteran status, in accordance with applicable law.
Physical Demands
Sitting or standing at a desk for prolonged periods of time and consistent operation of a computer. Frequent communication and exchanging of accurate information via electronic communication, phones, and in person. Occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job.
Authorization to Share Resume and Personal Information
By submitting your resume for this position, you authorize Valiant Solutions to share your resume, as well as, personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should Valiant Solutions or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.

Apply