We are seeking a skilled and motivated SOC Engineer to join our cybersecurity operations team. This role involves engineering data feed solutions for the Security Operations Center (SOC), implementing SOAR capabilities, and ensuring the health and performance of data integrations through collaboration across technical teams. The ideal candidate will bring deep cybersecurity expertise, particularly in network security, SIEM/SOAR platforms, incident response, and threat detection. This position also serves as the backup SOC Lead, stepping in to manage operations, escalations, and leadership communications during critical incidents when the primary lead is unavailable.
Job Responsibilities:
Maintain and optimize Microsoft Sentinel SIEM/SOAR solutions
configure and manage log/data feeds from various sources
develop and refine log parsing rules using Regex, DCRs, and custom transformations
build automation and orchestration workflows using Microsoft Logic Apps, Azure Functions, and PowerShell/Python scripting
design and tune analytic rules, UEBA, dashboards, and reports
work closely with network, endpoint, cloud, and IT operations teams
create and maintain documentation for SOC architecture, onboarding processes, and automation playbooks
train SOC analysts on new tools and procedures
conduct gap analyses and recommend enhancements to SOC capabilities
provide Tier 3 support and assist in complex investigations.
Requirements:
2–5 years of experience in SOC engineering, network defense, or cybersecurity operations
hands-on experience with Microsoft Sentinel, including log onboarding, rule creation, and automation
proficiency in log parsing and normalization (Regex, Fluent Bit, DCRs, KQL)
strong scripting skills in PowerShell and/or Python
experience managing data feeds across cloud, endpoint, network, and on-prem environments
familiarity with incident response, threat detection, and SOAR workflows
excellent communication skills and ability to collaborate across technical and non-technical teams
ability to obtain a Public Trust Clearance.
Nice to have:
knowledge of federal cybersecurity mandates (e.g., M-21-31, NIST CSF, CISA Playbooks, BOD 22-01)
experience with Microsoft Logic Apps, Azure Functions, or other SOAR platforms
familiarity with UEBA configuration and anomaly detection
exposure to AI/ML frameworks for cyber analytics
experience building SOC metrics, dashboards, and operational reports
familiarity with M365, Azure security tools, ServiceNow, and CISA CDM tools
relevant certifications such as CISSP, CISM, SC-200, or AZ-500.
What we offer:
Access to top jobs
competitive compensation and benefits
free online training
medical, vision, dental, and life and disability insurance