Soar Automation Splunk Phantom Jobs (NOW HIRING)

MKS2 Technologies, LLC, an award-winning high growth small business, creates innovative and customer-centric technology solutions in the areas of Cyber Security, Instructional Design and Training, Software Engineering and IT Support Services to improve the security and well-being of our clients. Our commitment to excellence and our "Mission First" orientation has resulted in steady growth and an expanding client base across government agencies. We have employees nationwide and for the past three consecutive years were named one of the fastest growing Veteran-owned companies in the nation. Please take a moment to browse through our website and learn more about what it means to serve with MKS2.

Location: National Capital Region (Washington, DC) – Hybrid/Onsite
Clearance: Must be able to pass background check (US work authorization required)

Salary: $150,000-$160,000

We are seeking a Senior Automation / SOAR Engineer to support enterprise cybersecurity operations by designing, implementing, and optimizing security automation and orchestration capabilities. This role is focused on improving incident response speed, consistency, and operational efficiency through the development of automated workflows, integrations, and playbooks across security platforms.

• Design, develop, test, and maintain SOAR playbooks and automated security workflows
• Integrate SOAR and SIEM platforms with:
  • Ticketing systems (ServiceNow, etc.)
  • Endpoint security tools
  • Identity and access systems
  • Vulnerability management platforms
  • Threat intelligence feeds
• Automate incident response activities including:
  • Alert triage
  • Data enrichment
  • Case routing and escalation
  • Documentation and reporting
• Develop automation scripts and integrations using Python, PowerShell, Bash, REST APIs, and similar technologies
• Collaborate with SOC analysts, incident responders, and stakeholders to identify automation opportunities
• Optimize workflows to reduce false positives and manual workload
• Maintain documentation, SOPs, implementation plans, and training materials
• Track and report automation performance, effectiveness, and operational improvements

• 5–8+ years of experience in:
  • Cybersecurity engineering
  • SOC operations or automation
  • SOAR/SIEM implementation
• 3+ years of hands-on experience building:
  • Security automation workflows
  • Playbooks and orchestration capabilities
• Experience integrating SOAR/SIEM with enterprise security tools and systems
• Experience supporting automation in:
  • Incident response
  • Alert triage and enrichment
  • Case management

• Strong scripting and automation experience:
  • Python, PowerShell, Bash
  • REST APIs, JSON, webhooks
  • Git or version control
• Experience with security tools such as:
  • Splunk, Microsoft Sentinel, Elastic
  • CrowdStrike, Microsoft Defender (MDE)
  • Tenable, Rapid7
  • ServiceNow, Tanium
• Experience building automation for:
  • Phishing response
  • Endpoint alert enrichment
  • Vulnerability workflows
  • Incident routing and escalation

• Bachelor's degree in Cybersecurity, IT, Computer Science, Engineering, or related field (or equivalent experience)

• SOAR / SIEM / Security certifications such as:
  • Cortex XSOAR, Splunk SOAR, Swimlane
  • Microsoft Sentinel
  • CISSP, CASP+, CySA+, Security+
  • Cloud security certifications

• Knowledge of:
  • MITRE ATT&CK framework
  • NIST 800-61 incident response lifecycle
  • SOC operational processes
• Ability to document workflows and train SOC teams
• Strong analytical and problem-solving skills

• Experience in federal or regulated environments
• Familiarity with enterprise-scale cybersecurity operations
• Experience optimizing SOC performance metrics

• Hands-on builder (not just admin) of automation/playbooks
• Strong integration/API background
• Experienced in operational SOC environments
• Comfortable working cross-functionally with engineering and operations

Diversity creates a healthier atmosphere: MKS2 Technologies is proud to be an Equal Employment Opportunity / Affirmative Action employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.