Security Consultant (SOAR)
Location: Remote
Interview Process: 1 round, Virtual/Online - potential for a 2nd round onsite as needed
Duration: 12 Months
Employment Type: Contract
Experience Required: 08+ Years
Candidate Location: No SC residency required. Open to nationwide candidates.
Project Scope:
Seeking an experienced Security Consultant to serve as a Security Orchestration, Automation, and Response (SOAR) Engineer within an enterprise Information Security organization. This role will focus on designing, developing, and optimizing security automation workflows, playbooks, and integrations across the enterprise security ecosystem.
The consultant will be responsible for enhancing the organization's SOAR platform capabilities by automating security operations, improving incident response efficiency, and integrating security tools such as SIEM, EDR, firewalls, and other security technologies. This role will also collaborate closely with internal security teams and external stakeholders to drive adoption of centralized security services and improve operational effectiveness.
Key Responsibilities:
SOAR Platform Engineering & Administration
- Design, develop, implement, and maintain automation workflows within the enterprise SOAR platform
- Build and optimize security orchestration playbooks for incident detection, triage, investigation, and response
- Continuously improve existing automations to enhance efficiency, scalability, and response times
- Administer and maintain SOAR platform configurations, workflows, and integrations
Automation Development & Optimization
- Develop automated response workflows for security alerts and incidents
- Create logic-driven playbooks to reduce manual intervention and accelerate remediation
- Identify opportunities to automate repetitive security operations tasks
- Optimize existing automation processes for performance, reliability, and operational effectiveness
Integration Engineering
- Build and maintain integrations between the SOAR platform and enterprise security tools, including:
  - SIEM platforms
  - Endpoint Detection and Response (EDR) solutions
  - Firewalls
  - Threat intelligence platforms
  - Ticketing and case management systems
- Develop and maintain API-based integrations with internal and external systems
Custom Scripting & Development
- Develop custom scripts and connectors when out-of-the-box integrations do not meet business requirements
- Utilize scripting languages such as Python, PowerShell, or Bash to extend SOAR functionality
- Create reusable automation modules and supporting utilities
- Ensure code quality, maintainability, and adherence to security best practices
Security Operations Support
- Collaborate with Security Operations Center (SOC), Incident Response (IR), and Engineering teams
- Support incident investigation, response, and remediation activities through automation
- Enhance security monitoring and response capabilities through improved workflows
- Assist in operationalizing new security use cases and response procedures
Documentation & Knowledge Management
- Develop and maintain comprehensive documentation for:
  - Playbooks
  - Runbooks
  - Integration configurations
  - Troubleshooting procedures
  - Standard operating procedures
- Ensure documentation is current, accurate, and accessible
Stakeholder Engagement & Collaboration
- Engage directly with internal teams and external stakeholders to understand requirements
- Support adoption of centralized security services across multiple organizations or agencies
- Provide technical guidance, training, and best practices related to SOAR capabilities
- Deliver excellent customer service and communication in stakeholder-facing interactions
Reporting & Dashboard Development
- Design and maintain operational dashboards and reporting metrics
- Develop reports to measure automation effectiveness, incident response improvements, and platform utilization
- Provide insights into security operations performance and trends
Required Skills & Experience:
- 5+ years of experience with SOAR platforms or security automation solutions
- 8+ years of experience in security architecture may be substituted in lieu of education
- 5+ years of experience supporting large enterprise IT environments or system deployments
- Strong hands-on experience with automation platform design, implementation, and administration
- Experience with REST APIs, JSON, and YAML
- Experience with scripting and automation (Python, Bash, PowerShell, or similar)
- Familiarity with the MITRE ATT&CK framework
- Experience working in a multi-tenancy environment; multi-agency or enterprise service projects
Preferred Skills:
- Hands-on experience with Cortex XSOAR
- Experience developing advanced security automation playbooks
- Knowledge of SIEM, EDR, and threat intelligence integrations
- Experience supporting enterprise incident response and SOC operations
- Experience creating dashboards and operational reporting
- Prior experience in public sector, multi-agency, or large enterprise service environments
Education:
Bachelor’s degree in Information Technology, Information Security, Computer Science, or related field
Preferred Certifications:
- CISSP (Certified Information Systems Security Professional)
- CISA (Certified Information Systems Auditor)
- CISM or equivalent advanced security certification
- CEH, OSCP, GPEN, or similar cybersecurity certifications
- Vendor-specific certifications in SOAR or automation platforms
