
SOAR Engineer/ Consultant (Detection & Automation)

Procom

Remote · Canada · Contract · Posted yesterday

About the role

Position: SOAR Engineer / Consultant (Detection & Automation)
Client: Consulting client (Procom)
Contract Length: 6 months
Start Date: ASAP
Location: Remote (client based in Toronto, Ontario, Canada)

Responsibilities

  • Design and implement high-quality SIEM detections aligned to real‑world attacker behavior
  • Map detection logic to the MITRE ATT&CK framework
  • Identify detection gaps and improve alert fidelity
  • Build and optimize SOAR playbooks with enrichment, decision logic, and response actions
  • Automate manual security processes to improve response efficiency
  • Enforce SaaS security controls such as DLP, session, and access controls
  • Integrate security alerts into SOC workflows and incident response processes
  • Establish and track metrics like MTTD and MTTR

Mandatory Skills

  • Hands‑on experience in SIEM detection engineering
  • Experience building SOAR automation/playbooks with response actions
  • Experience mapping detections to MITRE ATT&CK
  • Experience in SOC or MDR‑integrated environments
  • Experience securing SaaS environments (DLP, monitoring, access controls)
  • Strong understanding of incident response processes

Nice‑to‑Have Skills

  • Experience with SIEM platforms (e.g., Microsoft Sentinel, Splunk, Elastic)
  • Experience with SOAR platforms and automation frameworks
  • Experience working with Arctic Wolf or similar MDR providers
  • Cloud security experience (Azure, AWS)
  • Relevant certifications (GIAC, CISSP, etc.)

Skills

AWS, Azure, DLP, Elastic, GIAC, CISSP, MITRE ATT&CK, Microsoft Sentinel, MDR, Splunk, SOAR, SaaS, SIEM
