SOC Engineer at ALTA IT Services, LLC
Description
SOC Engineer REMOTE (DC Area Preferred)
• Must be willing to come in once a quarter for a team meeting
• US citizenship required per government contract
• Must be able to obtain Public Trust clearance
This role focuses on engineering SOC data feed solutions, implementing SOAR capabilities, and ensuring feed health through cross-team collaboration.
The ideal candidate will have strong cybersecurity expertise, including network security, SIEM, incident response, and threat detection.
They will also serve as the backup SOC Lead, overseeing operations, managing escalations, and providing updates to senior leadership during critical incidents when the primary lead is unavailable.
Key Responsibilities
• Microsoft Sentinel Engineering: Maintain and optimize a Microsoft Sentinel SIEM/SOAR solution in alignment with client requirements, industry best practices, and federal compliance mandates.
• Data Integration: Configure and manage log/data feeds from diverse sources (e.g., Fluent Bit, Windows Events, M365, cloud services, endpoint/security platforms).
• Parsing & Normalization: Develop and refine log parsing rules using Regex, DCRs, and custom transformations to ensure accurate and usable data in Sentinel.
• SOAR Development: Engineer automation and orchestration solutions using Microsoft Logic Apps, Azure Functions, and PowerShell/Python scripts to improve SOC efficiency and incident response.
• Threat Detection Engineering: Build, tune, and optimize analytic rules, UEBA, dashboards, and reports to improve detection and response coverage.
- Role: SOC Engineer
- Company: ALTA IT Services, LLC
- Location: Washington, DC
- Job found on: 4th of December, 2025


