JOBSEARCHER

Security Analyst (SOAR Engineer) (Remote - Onsite interviews)

ARCHIVED
Via DiceRemoteApril 30th, 2026

We can't find an active application page for this role right now. It may reopen or be listed elsewhere. Use Next Steps to search for an active apply link and similar live jobs.

Dice is the leading career destination for tech experts at every stage of their careers. Our client, Cleo Consulting Inc., is seeking the following. Apply via Dice today!Client: State of SCPosting title: IT - ADMIN - Security Architect - ConsultantPosting ID: 10794Agency: ADMINDivision: Division of Technology - Information Security (DIS)Title: Security Architect – ConsultantAddress: 1201 Main Street Suite 600, Columbia, SC - 29201Projected Start Date: 05/25/2026Projected End Date/Duration: 12 Months from projected startPossibility for Extension: YesWork Location: Fully RemoteInterview Process: 1 round, Virtual/Online - potential for a 2nd round onsite as neededThe following are required for bid submission:ResumeR2RCover LetterMeets Work LocationJob DescriptionThe State of South Carolina is looking for a Security Analyst - Consultant (SOAR Engineer)Why is this position open: New role supporting statewide security automation via the state SOAR platform across South Carolina’s state agencies (Division of Information Security)Required SkillsEducation: Bachelor’s Degree in an Information Technology or Information Security related field; 8+ years of experience in security architecture may be substituted in lieu of education5+ years of experience with automation platforms or SOAR solutions5+ years of experience in supporting large IT environments and/or system deploymentsExperience with scripting and automation (Python, Bash, PowerShell, or similar)Experience with Rest API's, JSON, and YAMLFamiliarity with MITRE ATT & CK frameworkExperience working in multi-tenancy environment; multi-agency or enterprise service projectsPreferred SkillsCertification: CISSP, CISA, CISO or equivalent advanced security certifications (CEH, OSCP, GPEN)Certification: Vendor certifications in SOAR or Automation technologiesExperience creating automations within the Cortex XSOAR platformKnowledge of security monitoring use cases and incident response support.Resources local to Columbia, SC or surrounding city in South Carolina are preferredDescriptionWhy is this position open (new role, increased workload, new dept, resignation, promotion)?If backfill Position – What separated the candidate, you initially selected from all the other resumes presented? New role supporting statewide security automation via the state SOAR platform across South Carolina’s state agencies.Scope of the project:The position will work as a consulting Security Orchestration, Automation, and Response engineer within the Division of Information Security. This role will focus on Playbook development and Orchestration, Workflow automation, and logic optimization within the state SOAR platform. They will also build and maintain integrations between the state SOAR platform, SIEM, EDR, Firewalls, and other necessary security tools. Engaging directly with state agencies to promote, support, and improve adoption of centralized security services is a key focus. The engagement is expected to be needed for 12 months with the possibility of extension.Pre-employment Checks (drug, credit, criminal, motor vehicle)?DRUG, DRIVING, CREDIT, CRIMINAL, E-VERIFY, SLED Daily Duties / Responsibilities:PREFERENCE WILL BE GIVEN TO A CANDIDATE WHO CAN WORK ONSITE OVER HYBRID AND OVER FULL-TIME REMOTE (ON-SITE AS NEEDED).Provide technical expertise and experience in creating efficient automation workflows.Develop, implement automations and optimize existing automations in response to security alerts and incidents.Build and maintain integrations with the SOAR platform.Create custom scripts when required to provide functionality not supported out of the box integrations.Document processes, runbooks, and troubleshooting steps related to the SOAR and integrations.proactively Coordinate with engineering, SOC, and IR support as needed to meet goals.other duties as needed.ADDITIONAL SKILLS/DUTIES:EXPERIENCE WITH DASHBOARD CREATION AND REPORTING.EXCELLENT COMMUNICATION AND CUSTOMER SERVICE SKILLS FOR AGENCY-FACING ENGAGEMENT.Preferred Education/Certifications:CISSP, CISA, CISO or equivalent advanced security certification.Additional relevant certifications (e.g., CEH, OSCP, GPEN).VENDOR CERTIFICATIONS IN SOAR OR AUTOMATION TECHNOLOGIES.Required Education/Certifications:BACHELOR'S DEGREE IN AN INFORMATION TECHNOLOGY OR INFORMATION SECURITY RELATED FIELDEIGHT YEARS OF RELEVANT WORK EXPERIENCE MAY BE SUBSTITUTED IN LIEU OF EDUCATIONFIVE YEARS OF EXPERIENCE IN SUPPORTING LARGE IT ENVIRONMENTS AND/OR SYSTEM DEPLOYMENTS5+ years of experience with automation platforms or SOAR solutions.Strong scripting and automation skills (Python, Bash, PowerShell, or similar).Understanding of REST APIs, JSON, and YAML.Familiarity with mitre att & ck frameworkExperience in working in multi-tenancy environment; Experience in multi-agency or enterprise service projects.“Cleo Consulting is an equal opportunity employer (Minorities/Women/Veterans/Disabled)”