Automation / SOAR Engineer – Senior
MKS2 Technologies, LLC, an award-winning high growth small business, creates innovative and customer-centric technology solutions in the areas of Cyber Security, Instructional Design and Training, Software Engineering and IT Support Services to improve the security and well-being of our clients. Our commitment to excellence and our “Mission First” orientation has resulted in steady growth and an expanding client base across government agencies. We have employees nationwide and for the past three consecutive years were named one of the fastest growing Veteran-owned companies in the nation. Please take a moment to browse through our website and learn more about what it means to serve with MKS2.
Automation / SOAR Engineer – Senior
Location: National Capital Region (Washington, DC) – Hybrid/Onsite
Clearance: Must be able to pass background check (US work authorization required)
Salary: $150,000-$160,000
Position Overview
We are seeking a Senior Automation / SOAR Engineer to support enterprise cybersecurity operations by designing, implementing, and optimizing security automation and orchestration capabilities. This role is focused on improving incident response speed, consistency, and operational efficiency through the development of automated workflows, integrations, and playbooks across security platforms.
Key Responsibilities
Design, develop, test, and maintain SOAR playbooks and automated security workflows
Integrate SOAR and SIEM platforms with:
Ticketing systems (ServiceNow, etc.)
Endpoint security tools
Identity and access systems
Vulnerability management platforms
Threat intelligence feeds
Automate incident response activities including:
Alert triage
Data enrichment
Case routing and escalation
Documentation and reporting
Develop automation scripts and integrations using Python, PowerShell, Bash, REST APIs, and similar technologies
Collaborate with SOC analysts, incident responders, and stakeholders to identify automation opportunities
Optimize workflows to reduce false positives and manual workload
Maintain documentation, SOPs, implementation plans, and training materials
Track and report automation performance, effectiveness, and operational improvements
Required Qualifications
5–8+ years of experience in:
Cybersecurity engineering
SOC operations or automation
SOAR/SIEM implementation
3+ years of hands-on experience building:
Security automation workflows
Playbooks and orchestration capabilities
Experience integrating SOAR/SIEM with enterprise security tools and systems
Experience supporting automation in:
Incident response
Alert triage and enrichment
Case management
Technical Skills
Strong scripting and automation experience:
Python, PowerShell, Bash
REST APIs, JSON, webhooks
Git or version control
Experience with security tools such as:
Splunk, Microsoft Sentinel, Elastic
CrowdStrike, Microsoft Defender (MDE)
Tenable, Rapid7
ServiceNow, Tanium
Experience building automation for:
Phishing response
Endpoint alert enrichment
Vulnerability workflows
Incident routing and escalation
Education
Bachelor’s degree in Cybersecurity, IT, Computer Science, Engineering, or related field (or equivalent experience)
Certifications (Preferred)
SOAR / SIEM / Security certifications such as:
Cortex XSOAR, Splunk SOAR, Swimlane
Microsoft Sentinel
CISSP, CASP+, CySA+, Security+
Cloud security certifications
Additional Qualifications
Knowledge of:
MITRE ATT&CK framework
NIST 800-61 incident response lifecycle
SOC operational processes
Ability to document workflows and train SOC teams
Strong analytical and problem-solving skills
Nice to Have
Experience in federal or regulated environments
Familiarity with enterprise-scale cybersecurity operations
Experience optimizing SOC performance metrics
Ideal Candidate Profile
Hands-on builder (not just admin) of automation/playbooks
Strong integration/API background
Experienced in operational SOC environments
Comfortable working cross-functionally with engineering and operations
Diversity creates a healthier atmosphere: MKS2 Technologies is proud to be an Equal Employment Opportunity / Affirmative Action employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.