SOAR Automation Engineer

Dragonfli Group is a cybersecurity and IT consulting firm providing services to federal agencies and Fortune 100 enterprises. Headquartered in Washington, DC, Dragonfli supports clients in securing mission"‘critical systems across on"‘site, hybrid, and fully remote environments.This SOAR Automation Engineer role supports a large U.S. federal agency by designing, implementing, and scaling security automation capabilities across a complex enterprise environment. The role is centered on Splunk Phantom (Splunk SOAR) and focuses on automating security operations, improving response and investigation workflows, and integrating AI"‘enabled enrichment using Azure AI services where appropriate.This is a hands"‘on technical role with strategic influence, combining deep engineering work with ownership of automation design and continuous improvement across SOC workflows.This is a W2 contract, fully remote (CONUS only) role, supporting a large federal agency. Prior federal contracting experience is preferred.U.S. Citizenship or Permanent Residency is required.ResponsibilitiesDesign, build, and maintain SOAR automation using Splunk PhantomDevelop and enhance automated playbooks to support detection, response, and investigation workflowsIntegrate SOAR with SIEM, security tools, cloud platforms, and on"‘prem systemsApply AI"‘enabled enrichment and decision support using Azure AI servicesLead automation design decisions and guide SOC teams on effective SOAR usageImprove dashboards, metrics, and operational visibility tied to automated workflowsCollaborate with security analysts, engineers, and stakeholders to identify automation opportunitiesOperationalize and scale automation across the security lifecycleEnsure reliability, maintainability, and documentation of automation solutionsRequirementsMust-Have4+ years of experience building and supporting SOAR / security automation solutions in enterprise environmentsHands"‘on experience with Splunk Phantom (Splunk SOAR)Strong background in security workflow automation and playbook developmentExperience integrating cloud and on"‘premise systems via APIsWorking familiarity with Azure AI services and applied AI use cases in cybersecurityStrong problem"‘solving and analytical skillsAbility to collaborate across technical and non"‘technical teamsExcellent written and verbal communication skillsBachelor's degree in a cyber"‘related field or equivalent experience/certificationsNice-To-HaveFederal cybersecurity environmentsSOC operations and incident response workflowsPython or scripting for automationSIEM integration (Splunk Enterprise / Splunk ES)Familiarity with NIST cybersecurity frameworksSkillsExpertise in SOAR and AI technologiesStrong technical and analytical skillsAbility to work collaboratively with security teamsProficiency in developing automated security workflowsExperience with cloud and on"‘premise system integrationStrong communication and planning abilitiesProblem"‘solving and critical thinking skillsFamiliarity with cybersecurity frameworks and standardsBenefitsInsurance - health, dental, and visionPaid Time Off (PTO) and 11 Federal Holidays401(k) employer matchSeniority LevelMid"‘Senior levelEmployment TypeFull"‘timeJob FunctionEngineering and Information TechnologyIndustriesIT Services and IT Consulting #J-18808-Ljbffr

Created: 2026-04-20