GuidePoint Security LLC

SOAR Engineer - DC Metro (hybrid)

GuidePoint Security LLC, Washington, District of Columbia, us, 20022


GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach to evaluating security posture and ecosystems, GuidePoint enables some of the nation's top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk. US citizenship is required prior to consideration for this role, which supports the US Government. Work is mostly remote but requires someone living in the DC Metro area.

What You'll Get To Do:

- Automate SOC processes by designing and implementing playbooks in a SOAR platform to reduce manual effort, increase consistency, and accelerate response times.
- Build and enhance incident response workflows using automation, ensuring they align with real-world analyst needs and security best practices.
- Collaborate with SOC analysts to identify repetitive tasks and propose targeted automation use cases that improve efficiency and accuracy.
- Standardize and streamline customer-specific workflows through custom-built SOAR playbooks, driving consistent and scalable response across environments.
- Develop and maintain reporting dashboards within the SOAR platform to provide visibility into automation performance, incident metrics, and operational KPIs.
- Integrate SOAR with core SOC tools such as ticketing systems, monitoring platforms, and SIEMs, enabling seamless, end-to-end workflow automation.
- Automate enrichment and context-gathering tasks for alerts, such as domain/IP reputation lookups, user behavior analysis, and threat intelligence correlation.
- Support ad hoc requests from stakeholders by building custom SOAR actions, playbooks, or detections that address urgent or emerging threats.
- Maintain and evolve incident response playbooks inside the SOAR platform, ensuring they stay aligned with organizational goals and the evolving threat landscape.
- Become a trusted advisor on automation strategy by developing an in-depth understanding of the customer's critical assets, systems, and workflows to prioritize impactful automation.
- Design advanced detection and response playbooks that support proactive monitoring and early warning for high-value targets or potential targeted attacks.
- Contribute to the broader SOC mission by participating in alert triage and continuous improvement of automated responses, particularly when tuning or adjusting playbook logic based on real-world feedback.

These Qualifications Would Be Nice To Have:

- Experience managing or developing detection logic for enterprise SIEM systems
- Experience with exploitation techniques and use case development
- Experience with IOC datasets (e.g., YARA, OpenIOC, STIX)
- Experience deploying to, and leveraging, cloud environments (AWS, Azure, GCP) to extend operational capabilities
- Strong knowledge of network monitoring and network exploitation techniques, including the MITRE ATT&CK technique framework and other common attack vectors

We are an equal opportunity employer. GuidePoint Security prohibits discrimination and harassment of any kind. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law.
