Dragonfli Group
Dragonfli Group is a cybersecurity and IT consulting firm providing services to federal agencies and Fortune 100 enterprises. Headquartered in Washington, DC, Dragonfli supports clients in securing mission-critical systems across on-site, hybrid, and fully remote environments.
This SOAR Automation Engineer role supports a large U.S. federal agency by designing, implementing, and scaling security automation capabilities across a complex enterprise environment. The role is centered on Splunk Phantom (Splunk SOAR) and focuses on automating security operations, improving response and investigation workflows, and integrating AI-enabled enrichment using Azure AI services where appropriate.
This is a hands-on technical role with strategic influence, combining deep engineering work with ownership of automation design and continuous improvement across SOC workflows.
This is a W2 contract, fully remote (CONUS only) role, supporting a large federal agency. Prior federal contracting experience is preferred.
U.S. Citizenship or Permanent Residency is required.
Responsibilities
Design, build, and maintain SOAR automation using Splunk Phantom
Develop and enhance automated playbooks to support detection, response, and investigation workflows
Integrate SOAR with SIEM, security tools, cloud platforms, and on-prem systems
Apply AI-enabled enrichment and decision support using Azure AI services
Lead automation design decisions and guide SOC teams on effective SOAR usage
Improve dashboards, metrics, and operational visibility tied to automated workflows
Collaborate with security analysts, engineers, and stakeholders to identify automation opportunities
Operationalize and scale automation across the security lifecycle
Ensure reliability, maintainability, and documentation of automation solutions
Requirements
Must-Have
4+ years of experience building and supporting SOAR / security automation solutions in enterprise environments
Hands-on experience with Splunk Phantom (Splunk SOAR)
Strong background in security workflow automation and playbook development
Experience integrating cloud and on-premise systems via APIs
Working familiarity with Azure AI services and applied AI use cases in cybersecurity
Strong problem-solving and analytical skills
Ability to collaborate across technical and non-technical teams
Excellent written and verbal communication skills
Bachelor’s degree in a cyber-related field or equivalent experience/certifications
Nice-To-Have
Federal cybersecurity environments
SOC operations and incident response workflows
Python or scripting for automation
SIEM integration (Splunk Enterprise / Splunk ES)
Familiarity with NIST cybersecurity frameworks
Skills
Expertise in SOAR and AI technologies.
Strong technical and analytical skills.
Ability to work collaboratively with security teams.
Proficiency in developing automated security workflows.
Experience with cloud and on-premise system integration.
Strong communication and planning abilities.
Problem-solving and critical thinking skills.
Familiarity with cybersecurity frameworks and standards.
Benefits
Insurance – health, dental, and vision
Paid Time Off (PTO) and 11 Federal Holidays
401(k) employer match
Seniority Level
Associate
Employment Type
Full-time
Job Function
Engineering and Information Technology
Industries
IT Services and IT Consulting