Security Consultant (SOAR) - Contract - Columbia, SC Remote

Security Consultant (SOAR) Location: Remote Interview Process: 1 round, Virtual/Online - potential for a 2nd round onsite as needed Duration: 12 Months Employment Type: Contract Experience Required: 08+ Years Candidate Location: No SC residency required. Open to nationwide candidates. Project Scope: Seeking an experienced Security Consultant to serve as a Security Orchestration, Automation, and Response (SOAR) Engineer within an enterprise Information Security organization. This role will focus on designing, developing, and optimizing security automation workflows, playbooks, and integrations across the enterprise security ecosystem. The consultant will be responsible for enhancing the organization's SOAR platform capabilities by automating security operations, improving incident response efficiency, and integrating security tools such as SIEM, EDR, firewalls, and other security technologies. This role will also collaborate closely with internal security teams and external stakeholders to drive adoption of centralized security services and improve operational effectiveness. Key Responsibilities: SOAR Platform Engineering & Administration Design, develop, implement, and maintain automation workflows within the enterprise SOAR platform Build and optimize security orchestration playbooks for incident detection, triage, investigation, and response Continuously improve existing automations to enhance efficiency, scalability, and response times Administer and maintain SOAR platform configurations, workflows, and integrations Automation Development & Optimization Develop automated response workflows for security alerts and incidents Create logic-driven playbooks to reduce manual intervention and accelerate remediation Identify opportunities to automate repetitive security operations tasks Optimize existing automation processes for performance, reliability, and operational effectiveness Integration Engineering Build and maintain integrations between the SOAR platform and enterprise security tools, including: SIEM platforms Endpoint Detection and Response (EDR) solutions Firewalls Threat intelligence platforms Ticketing and case management systems Develop and maintain API-based integrations with internal and external systems Custom Scripting & Development Develop custom scripts and connectors when out-of-the-box integrations do not meet business requirements Utilize scripting languages such as Python, PowerShell, or Bash to extend SOAR functionality Create reusable automation modules and supporting utilities Ensure code quality, maintainability, and adherence to security best practices Security Operations Support Collaborate with Security Operations Center (SOC), Incident Response (IR), and Engineering teams Support incident investigation, response, and remediation activities through automation Enhance security monitoring and response capabilities through improved workflows Assist in operationalizing new security use cases and response procedures Documentation & Knowledge Management Develop and maintain comprehensive documentation for: Playbooks Runbooks Integration configurations Troubleshooting procedures Standard operating procedures Ensure documentation is current, accurate, and accessible Stakeholder Engagement & Collaboration Engage directly with internal teams and external stakeholders to understand requirements Support adoption of centralized security services across multiple organizations or agencies Provide technical guidance, training, and best practices related to SOAR capabilities Deliver excellent customer service and communication in stakeholder-facing interactions Reporting & Dashboard Development Design and maintain operational dashboards and reporting metrics Develop reports to measure automation effectiveness, incident response improvements, and platform utilization Provide insights into security operations performance and trends Required Skills & Experience: · 5+ years of experience with SOAR platforms or security automation solutions · 8+ years of experience in security architecture may be substituted in lieu of education · 5+ years of experience supporting large enterprise IT environments or system deployments · Strong hands-on experience with automation platform design, implementation, and administration · Experience with Rest API's, JSON, and YAML · Experience with scripting and automation (Python, Bash, PowerShell, or similar) · Familiarity with MITRE ATT & CK framework · Experience working in multi-tenancy environment; multi-agency or enterprise service projects Preferred Skills: · Hands-on experience with Cortex XSOAR · Experience developing advanced security automation playbooks · Knowledge of SIEM, EDR, and threat intelligence integrations · Experience supporting enterprise incident response and SOC operations · Experience creating dashboards and operational reporting · Prior experience in public sector, multi-agency, or large enterprise service environments Education: Bachelor’s degree in Information Technology, Information Security, Computer Science, or related field Preferred Certifications: CISSP (Certified Information Systems Security Professional) CISA (Certified Information Systems Auditor) CISM or equivalent advanced security certification CEH, OSCP, GPEN, or similar cybersecurity certifications Vendor-specific certifications in SOAR or automation platforms Apply To This Job