Title: Senior SOC Engineer (Detection Engineering & Automation)
Location: Rockville, Maryland or McLean, VA
Target Start Date: ASAP
Type: contract
Pay Rate: DOE
We are building a mature, scalable Security Operations Center and are seeking a senior SOC engineer with deep experience in detection engineering and security automation. This role is ideal for someone who has worked in a high-performing SOC and can help define what “good” looks like—technically and operationally.
You will lead efforts to design effective detections, reduce alert fatigue through risk-based approaches, and automate response workflows that enable analysts to work efficiently and at scale. The role is highly hands-on and collaborates closely with threat intelligence, threat hunting, and platform engineering teams.
Design and implement detection use cases aligned to the MITRE ATT&CK framework
Assess detection coverage, identify gaps, and drive remediation roadmaps
Build, tune, and maintain correlation searches and alerts within enterprise SIEM platforms
Implement risk-based alerting methodologies to improve signal quality
Develop and maintain detections across on-prem and multi-cloud environments
Continuously refine detections based on SOC feedback and incident outcomes
Design and implement automated response playbooks using SOAR platforms
Integrate security tools to support automated investigation and response workflows
Develop scripts and automations (Python, PowerShell, Bash) to streamline SOC operations
Create reusable automation frameworks that scale across multiple use cases
Partner with engineering teams to ensure automation reliability and performance
Define and contribute to a mature SOC operating model and technical architecture
Identify shortcomings in existing SOC capabilities and recommend improvements
Establish standards and best practices for detection engineering and response
Provide technical mentorship and guidance to SOC and platform engineers
Contribute to long-term SOC strategy and capability growth
Partner with threat intelligence and threat hunting teams to operationalize research
Work closely with SOC analysts to improve detection quality and workflows
Participate in incident response to validate and enhance detections and automation
Document detection logic, playbooks, and technical designs
5 years of experience in a Security Operations Center environment
Strong hands-on experience with enterprise SIEM platforms (e.g., building detections, alerts, dashboards)
Proven detection engineering experience, including alert tuning and coverage analysis
Practical application of the MITRE ATT&CK framework
Experience building automated response workflows using SOAR platforms
Proficiency in scripting languages such as Python, PowerShell, or Bash
Experience monitoring and detecting threats in cloud environments
Strong analytical skills with the ability to define vision and drive SOC maturity
Hands-on experience with Splunk SOAR and/or behavioral analytics platforms
Risk-Based Alerting (RBA) implementation experience
Threat hunting background with applied detection engineering
CI/CD or infrastructure automation experience
Experience mentoring or leading detection engineering efforts
Relevant security certifications (GIAC, CISSP, or similar)
This is a senior individual contributor role with significant influence over detection strategy, automation, and SOC maturity. The position offers the opportunity to shape security operations, establish engineering standards, and grow into a technical leadership role as the SOC continues to expand.
Welcome to ConsultNet, a premier national provider of technology talent and solutions. Our expertise spans project services, contract-to-hire, direct search, and managed services onshore, nearshore, and hybrid.
For over 25 years, we have connected thousands of consultants with meaningful roles through a personal, communication-driven approach, partnering with a diverse client base to build high-performing teams and create lasting impact.
Our comprehensive service offerings cover a wide range of technology and engineering positions across key markets nationwide. Learn more at www.consultnet.com.
We champion equality and inclusivity, proudly supporting an Equal Opportunity Employer policy. We welcome applicants regardless of Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other status protected by law.