ABBTECH Professional Resources

Remote Cybersecurity Engineer Job at ABBTECH Professional Resources in Washingto

ABBTECH Professional Resources, Washington DC, Washington DC, US


Location: Remote with quarterly travel to DC

This role focuses on engineering SOC data feed solutions, implementing SOAR capabilities, and ensuring feed health through cross-team collaboration. The ideal candidate will have strong cybersecurity expertise, including network security, SIEM, incident response, and threat detection. They will also serve as the backup SOC Lead, overseeing operations, managing escalations, and providing updates to senior leadership during critical incidents when the primary lead is unavailable.

- Microsoft Sentinel Engineering: Maintain and optimize a Microsoft Sentinel SIEM/SOAR solution in alignment with client requirements, industry best practices, and federal compliance mandates.
- Data Integration: Configure and manage log/data feeds from diverse sources (e.g., Fluent Bit, Windows Events, M365, cloud services, endpoint/security platforms).
- Develop and refine log parsing rules using Regex, DCRs, and custom transformations to ensure accurate and usable data in Sentinel.
- Engineer automation and orchestration solutions using Microsoft Logic Apps, Azure Functions, and PowerShell/Python scripts to improve SOC efficiency and incident response.
- Threat Detection Engineering: Partner with cross-functional teams (network, endpoint, cloud, IT ops) to integrate new data sources and deliver actionable SOC capabilities.
- Documentation & Knowledge Transfer: Develop and maintain clear documentation of SOC architecture, log source onboarding, and automation playbooks; provide training for SOC analysts on new tools and processes.

- 2-5 years of experience in network defense, SOC engineering, or cybersecurity operations.
- Hands-on experience with Microsoft Sentinel, including log onboarding, rule development, and automation.
- Strong scripting skills in PowerShell and/or Python for automation and data handling.
- Experience configuring and maintaining data feeds for SOC visibility (cloud, endpoint, network, and on-prem).
- Familiarity with incident response concepts, threat detection engineering, and SOAR workflows.
- Experience with Microsoft Logic Apps, Azure Functions, or other SOAR development platforms.
- Experience with UEBA configuration to enhance anomaly detection.
- Background in AI/ML frameworks for cyber analytics.
- Experience building SOC metrics, dashboards, and reporting for operational visibility.
- Familiarity with M365, Azure security tools, ServiceNow workflows, and CISA CDM tools.
- Relevant certifications such as CISSP, CISM, Microsoft Security Operations Analyst (SC-200), or Azure Security Engineer (AZ-500).
- Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
- 5+ years of progressive cybersecurity/SOC experience (engineering and ope) travel required;

Benefits (Regular, Full Time Employees):
• Medical, Dental, and Vision offerings
• Weekly Direct Deposit
• Paid Holidays and Personal Time Off
• Voluntary Life and AD&D, Short / Long Term Disability, plus other voluntary coverages
• Pre-Paid Legal and Employee Assistance Programs
• Northwest Federal Credit Union Membership
• ABBTECH is an EOE/Minorities/Women/Disabled Individuals/Veterans