Remote SOAR Engineer Consultant
Remote
Job Id: 141914
Job Category:
Job Location: Remote
Security Clearance: None
Business Unit: Piper Companies
Division: Piper Enterprise Solutions
Position Owner: Mark McMullen
Piper Companies is seeking a Remote SOAR Engineer Consultant to join an international leader in cybersecurity services. The SOAR Engineer Consultant will play a pivotal role in assisting with the development and deployment of XSOAR playbooks for clients.
Responsibilities of the SOAR Engineer Consultant include:
- Develop and implement custom XSOAR playbooks, ensuring efficient automation workflows.
- Write, optimize, and maintain Python-based APIs to support integrations and automation efforts.
- Collaborate with technical leads to create and refine a log ingestion strategy aligned with security objectives.
- Contribute to detection strategies, leveraging industry best practices such as MITRE ATT&CK and NIST frameworks.
- Tune and optimize log sources, correlation rules, and alerting mechanisms for SIEM and SOAR platforms.
- Identify opportunities for automation within Security Operations Center (SOC) workflows, improving incident response efficiency.
- Act as a Subject Matter Expert (SME) on SOAR and SIEM technologies, assisting clients with best practices and implementation.
- Work closely with internal and external teams to drive product adoption and successful deployments.
- Provide clear, technical documentation detailing SOAR and SIEM processes, ensuring streamlined operations.
Qualifications for the SOAR Engineer Consultant:
- 5+ years of experience in automation and cybersecurity, with a strong focus on SOAR (XSOAR preferred, but SOAR alternatives like Swimlane accepted).
- Expert-level Python skills, including the ability to process unformatted files, retrieve data via API calls with error handling, and optimize scripts without external resources.
- Hands-on experience developing and customizing SOAR playbooks for real-world security operations use cases.
- Strong understanding of SOC operations, including tooling, processes, and security frameworks (MITRE ATT&CK, NIST).
- Experience with SIEM technologies (Splunk, IBM QRadar, etc.), including log source integration, event correlation, and rule tuning.
- Ability to differentiate between SOC and SIEM, understanding their roles in cybersecurity automation and incident response.
- Strong automation mindset, capable of identifying areas for efficiency within SIEM and SOC workflows.
- Knowledge of security analysis & response across endpoint, network, and cloud-based environments is a plus.
- Relevant bachelor’s degree or industry certifications (CISSP, GIAC, SIEM Vendor Qualification, etc.)
Compensation for the SOAR Engineer Consultant:
- Salary Range: $140,000 - $155,000
- Comprehensive Benefits: Medical, Dental, Vision, 401K, PTO, Sick Leave as required by law, and Holidays
This job opens for applications on 5/14/25. Applications for this job will be accepted for at least 30 days from the posting date.