[Remote] SOC Engineer--REMOTE/ Washington, DC

Note: The job is a remote job and is open to candidates in USA. Dice is the leading career destination for tech experts at every stage of their careers. Our client, Protos IT, is seeking a SOC Engineer to focus on engineering SOC data feed solutions, implementing SOAR capabilities, and ensuring feed health through cross-team collaboration. Responsibilities • Microsoft Sentinel Engineering: Maintain and optimize a Microsoft Sentinel SIEM/SOAR solution in alignment with client requirements, industry best practices, and federal compliance mandates. • Data Integration: Configure and manage log/data feeds from diverse sources (e.g., Fluent Bit, Windows Events, M365, cloud services, endpoint/security platforms). • Parsing & Normalization: Develop and refine log parsing rules using Regex, DCRs, and custom transformations to ensure accurate and usable data in Sentinel. • SOAR Development: Engineer automation and orchestration solutions using Microsoft Logic Apps, Azure Functions, and PowerShell/Python scripts to improve SOC efficiency and incident response. • Threat Detection Engineering: Build, tune, and optimize analytic rules, UEBA, dashboards, and reports to improve detection and response coverage. • Collaboration: Partner with cross-functional teams (network, endpoint, cloud, IT ops) to integrate new data sources and deliver actionable SOC capabilities. • Documentation & Knowledge Transfer: Develop and maintain clear documentation of SOC architecture, log source onboarding, and automation playbooks; provide training for SOC analysts on new tools and processes. • Advisory & Improvement: Conduct gap analyses of existing SOC capabilities, recommend improvements, and contribute to SOC process maturity. • Incident Response Support: Provide Tier 3 support and assist with complex investigations when required. Skills • 2 5 years of experience in network defense, SOC engineering, or cybersecurity operations. • Hands-on experience with Microsoft Sentinel, including log onboarding, rule development, and automation. • Proficiency with log parsing and normalization (Regex, Fluent Bit, DCRs, KQL). • Strong scripting skills in PowerShell and/or Python for automation and data handling. • Experience configuring and maintaining data feeds for SOC visibility (cloud, endpoint, network, and on-prem). • Familiarity with incident response concepts, threat detection engineering, and SOAR workflows. • Excellent written and verbal communication skills with ability to work across technical and non-technical teams. • Bachelor s degree in Computer Science, Information Security, or related field (or equivalent experience). • 5+ years of progressive cybersecurity/SOC experience (engineering and operations). • Knowledge of federal cybersecurity mandates (M-21-31, NIST Cybersecurity Framework, CISA Incident/Vulnerability Playbooks, BOD 22-01). • Experience with Microsoft Logic Apps, Azure Functions, or other SOAR development platforms. • Experience with UEBA configuration to enhance anomaly detection. • Background in AI/ML frameworks for cyber analytics. • Experience building SOC metrics, dashboards, and reporting for operational visibility. • Familiarity with M365, Azure security tools, ServiceNow workflows, and CISA CDM tools. • Relevant certifications such as CISSP, CISM, Microsoft Security Operations Analyst (SC-200), or Azure Security Engineer (AZ-500). Company Overview • Welcome to Jobs via Dice, the go-to destination for discovering the tech jobs you want. It was founded in undefined, and is headquartered in , with a workforce of 0-1 employees. Its website is Apply tot his job