Senior SOC Engineer (Detection Engineering & Automation)
Title: Senior SOC Engineer (Detection Engineering & Automation)
Location: Rockville, Maryland or McLean, VA
Target Start Date: ASAP
Type: contract
Pay Rate: DOE
We are building a mature, scalable Security Operations Center and are seeking a senior SOC engineer with deep experience in detection engineering and security automation. This role is ideal for someone who has worked in a high-performing SOC and can help define what "good" looks like-technically and operationally.
You will lead efforts to design effective detections, reduce alert fatigue through risk-based approaches, and automate response workflows that enable analysts to work efficiently and at scale. The role is highly hands-on and collaborates closely with threat intelligence, threat hunting, and platform engineering teams.
Key Responsibilities
Detection Engineering
• Design and implement detection use cases aligned to the MITRE ATT&CK framework
• Assess detection coverage, identify gaps, and drive remediation roadmaps
• Build, tune, and maintain correlation searches and alerts within enterprise SIEM platforms
• Implement risk-based alerting methodologies to improve signal quality
• Develop and maintain detections across on-prem and multi-cloud environments
• Continuously refine detections based on SOC feedback and incident outcomes
Security Automation & Orchestration
• Design and implement automated response playbooks using SOAR platforms
• Integrate security tools to support automated investigation and response workflows
• Develop scripts and automations (Python, PowerShell, Bash) to streamline SOC operations
• Create reusable automation frameworks that scale across multiple use cases
• Partner with engineering teams to ensure automation reliability and performance
SOC Architecture & Strategy
• Define and contribute to a mature SOC operating model and technical architecture
• Identify shortcomings in existing SOC capabilities and recommend improvements
• Establish standards and best practices for detection engineering and response
• Provide technical mentorship and guidance to SOC and platform engineers
• Contribute to long-term SOC strategy and capability growth
Collaboration & Operations
• Partner with threat intelligence and threat hunting teams to operationalize research
• Work closely with SOC analysts to improve detection quality and workflows
• Participate in incident response to validate and enhance detections and automation
• Document detection logic, playbooks, and technical designs
Required Qualifications
• 5 years of experience in a Security Operations Center environment
• Strong hands-on experience with enterprise SIEM platforms (e.g., building detections, alerts, dashboards)
• Proven detection engineering experience, including alert tuning and coverage analysis
• Practical application of the MITRE ATT&CK framework
• Experience building automated response workflows using SOAR platforms
• Proficiency in scripting languages such as Python, PowerShell, or Bash
• Experience monitoring and detecting threats in cloud environments
• Strong analytical skills with the ability to define vision and drive SOC maturity
Preferred Qualifications
• Hands-on experience with Splunk SOAR and/or behavioral analytics platforms
• Risk-Based Alerting (RBA) implementation experience
• Threat hunting background with applied detection engineering
• CI/CD or infrastructure automation experience
• Experience mentoring or leading detection engineering efforts
• Relevant security certifications (GIAC, CISSP, or similar)
Role Scope & Growth
This is a senior individual contributor role with significant influence over detection strategy, automation, and SOC maturity. The position offers the opportunity to shape security operations, establish engineering standards, and grow into a technical leadership role as the SOC continues to expand.
Welcome to ConsultNet, a premier national provider of technology talent and solutions. Our expertise spans across project services, contract-to-hire, direct search, and managed services onshore, nearshore, and hybrid.
For over 25 years, we have connected thousands of consultants with meaningful roles through a personal, communication-driven approach, partnering with a diverse client base to build high-performing teams and create lasting impact.
Our comprehensive service offerings cover a wide range of technology and engineering positions across key markets nationwide. Learn more at www.consultnet.com .
We champion equality and inclusivity, proudly supporting an Equal Opportunity Employer policy. We welcome applicants regardless of Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other status protected by law.
Apply Now
Apply Now
Location: Rockville, Maryland or McLean, VA
Target Start Date: ASAP
Type: contract
Pay Rate: DOE
We are building a mature, scalable Security Operations Center and are seeking a senior SOC engineer with deep experience in detection engineering and security automation. This role is ideal for someone who has worked in a high-performing SOC and can help define what "good" looks like-technically and operationally.
You will lead efforts to design effective detections, reduce alert fatigue through risk-based approaches, and automate response workflows that enable analysts to work efficiently and at scale. The role is highly hands-on and collaborates closely with threat intelligence, threat hunting, and platform engineering teams.
Key Responsibilities
Detection Engineering
• Design and implement detection use cases aligned to the MITRE ATT&CK framework
• Assess detection coverage, identify gaps, and drive remediation roadmaps
• Build, tune, and maintain correlation searches and alerts within enterprise SIEM platforms
• Implement risk-based alerting methodologies to improve signal quality
• Develop and maintain detections across on-prem and multi-cloud environments
• Continuously refine detections based on SOC feedback and incident outcomes
Security Automation & Orchestration
• Design and implement automated response playbooks using SOAR platforms
• Integrate security tools to support automated investigation and response workflows
• Develop scripts and automations (Python, PowerShell, Bash) to streamline SOC operations
• Create reusable automation frameworks that scale across multiple use cases
• Partner with engineering teams to ensure automation reliability and performance
SOC Architecture & Strategy
• Define and contribute to a mature SOC operating model and technical architecture
• Identify shortcomings in existing SOC capabilities and recommend improvements
• Establish standards and best practices for detection engineering and response
• Provide technical mentorship and guidance to SOC and platform engineers
• Contribute to long-term SOC strategy and capability growth
Collaboration & Operations
• Partner with threat intelligence and threat hunting teams to operationalize research
• Work closely with SOC analysts to improve detection quality and workflows
• Participate in incident response to validate and enhance detections and automation
• Document detection logic, playbooks, and technical designs
Required Qualifications
• 5 years of experience in a Security Operations Center environment
• Strong hands-on experience with enterprise SIEM platforms (e.g., building detections, alerts, dashboards)
• Proven detection engineering experience, including alert tuning and coverage analysis
• Practical application of the MITRE ATT&CK framework
• Experience building automated response workflows using SOAR platforms
• Proficiency in scripting languages such as Python, PowerShell, or Bash
• Experience monitoring and detecting threats in cloud environments
• Strong analytical skills with the ability to define vision and drive SOC maturity
Preferred Qualifications
• Hands-on experience with Splunk SOAR and/or behavioral analytics platforms
• Risk-Based Alerting (RBA) implementation experience
• Threat hunting background with applied detection engineering
• CI/CD or infrastructure automation experience
• Experience mentoring or leading detection engineering efforts
• Relevant security certifications (GIAC, CISSP, or similar)
Role Scope & Growth
This is a senior individual contributor role with significant influence over detection strategy, automation, and SOC maturity. The position offers the opportunity to shape security operations, establish engineering standards, and grow into a technical leadership role as the SOC continues to expand.
Welcome to ConsultNet, a premier national provider of technology talent and solutions. Our expertise spans across project services, contract-to-hire, direct search, and managed services onshore, nearshore, and hybrid.
For over 25 years, we have connected thousands of consultants with meaningful roles through a personal, communication-driven approach, partnering with a diverse client base to build high-performing teams and create lasting impact.
Our comprehensive service offerings cover a wide range of technology and engineering positions across key markets nationwide. Learn more at www.consultnet.com .
We champion equality and inclusivity, proudly supporting an Equal Opportunity Employer policy. We welcome applicants regardless of Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other status protected by law.
Apply Now
Apply Now