Automation / SOAR Engineer – Senior

MKS2 Technologies · Hybrid - Onsite · Engineering

Posted 2026-06-05

Apply for this role →

MKS2 Technologies, LLC, an award-winning high growth small business, creates innovative and customer-centric technology solutions in the areas of Cyber Security, Instructional Design and Training, Software Engineering and IT Support Services to improve the security and well-being of our clients. Our commitment to excellence and our “Mission First” orientation has resulted in steady growth and an expanding client base across government agencies. We have employees nationwide and for the past three consecutive years were named one of the fastest growing Veteran-owned companies in the nation. Please take a moment to browse through our website and learn more about what it means to serve with MKS2.

Automation / SOAR Engineer – Senior

Location: National Capital Region (Washington, DC) – Hybrid/Onsite

Clearance: Must be able to pass background check (US work authorization required)

Salary: $150,000-$160,000

Position Overview

We are seeking a Senior Automation / SOAR Engineer to support enterprise cybersecurity operations by designing, implementing, and optimizing security automation and orchestration capabilities. This role is focused on improving incident response speed, consistency, and operational efficiency through the development of automated workflows, integrations, and playbooks across security platforms.

Key Responsibilities

Design, develop, test, and maintain SOAR playbooks and automated security workflows

Integrate SOAR and SIEM platforms with:

Ticketing systems (ServiceNow, etc.)

Endpoint security tools

Identity and access systems

Vulnerability management platforms

Threat intelligence feeds

Automate incident response activities including:

Alert triage

Data enrichment

Case routing and escalation

Documentation and reporting

Develop automation scripts and integrations using Python, PowerShell, Bash, REST APIs, and similar technologies

Collaborate with SOC analysts, incident responders, and stakeholders to identify automation opportunities

Optimize workflows to reduce false positives and manual workload

Maintain documentation, SOPs, implementation plans, and training materials

Track and report automation performance, effectiveness, and operational improvements

Required Qualifications

5–8+ years of experience in:

Cybersecurity engineering

SOC operations or automation

SOAR/SIEM implementation

3+ years of hands-on experience building:

Security automation workflows

Playbooks and orchestration capabilities

Experience integrating SOAR/SIEM with enterprise security tools and systems

Experience supporting automation in:

Incident response

Alert triage and enrichment

Case management

Technical Skills

Strong scripting and automation experience:

Python, PowerShell, Bash

REST APIs, JSON, webhooks

Git or version control

Experience with security tools such as:

Splunk, Microsoft Sentinel, Elastic

CrowdStrike, Microsoft Defender (MDE)

Tenable, Rapid7

ServiceNow, Tanium

Experience building automation for:

Phishing response

Endpoint alert enrichment

Vulnerability workflows

Incident routing and escalation

Education

Bachelor’s degree in Cybersecurity, IT, Computer Science, Engineering, or related field (or equivalent experience)

Certifications (Preferred)

SOAR / SIEM / Security certifications such as:

Cortex XSOAR, Splunk SOAR, Swimlane

Microsoft Sentinel

CISSP, CASP+, CySA+, Security+

Cloud security certifications

Additional Qualifications

Knowledge of:

MITRE ATT&CK framework

NIST 800-61 incident response lifecycle

SOC operational processes

Ability to document workflows and train SOC teams

Strong analytical and problem-solving skills

Nice to Have

Experience in federal or regulated environments

Familiarity with enterprise-scale cybersecurity operations

Experience optimizing SOC performance metrics

Ideal Candidate Profile

Hands-on builder (not just admin) of automation/playbooks

Strong integration/API background

Experienced in operational SOC environments

Comfortable working cross-functionally with engineering and operations

Diversity creates a healthier atmosphere: MKS2 Technologies is proud to be an Equal Employment Opportunity / Affirmative Action employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.

Apply for this role →

← Back to all crypto jobs