Description
Senior SOC Engineer (Detection Engineering & Automation)
About the Role
Our Security Operations Center is evolving from foundational capabilities into a mature, comprehensive security operations program. We need an experienced SOC engineer who has been part of a top-tier SOC and can provide technical vision and leadership to guide our detection engineering and automation efforts.
This role focuses on building robust detection capabilities, automating security responses, and creating the frameworks that enable our SOC analysts to effectively identify and respond to threats. You will work closely with our threat intelligence and hunting teams to translate security research into actionable detections and automated responses.
Key Responsibilities
Detection Engineering
Design and implement comprehensive detection use cases aligned with the MITRE ATT&CK framework
Conduct gap analysis of current detection coverage and develop roadmap to address gaps
Build and tune correlation searches, alerts, and detection logic in Splunk Enterprise Security
Implement Risk-Based Alerting (RBA) methodologies to improve signal-to-noise ratio
Develop detection strategies for multi-cloud environments (AWS, Google Cloud Platform, Azure)
Continuously evaluate and improve detection effectiveness based on SOC feedback
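The Risk-Based Alerting item above is the one methodology in this list that is easy to misunderstand, so here is the pattern modelled outside Splunk. This is an added illustration, not code from the posting, the employer, or Splunk: low-fidelity detections never page an analyst on their own; they write risk events (entity, rule, ATT&CK technique, score) to a per-entity ledger, and a separate risk incident rule alerts only when an entity's aggregated score and technique diversity both cross thresholds. The rule names, scores, per-rule cap and thresholds are assumed values, and the telemetry is constructed.

```python
"""Risk-Based Alerting (RBA) modelled in plain Python.

Added example, not the posting's or Splunk's code. In Splunk ES the risk
rules below would be correlation searches writing to the risk index and
risk_incidents() would be the risk incident rule; here both are functions.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class RiskEvent:
    entity: str       # risk object, here a user name
    rule: str         # name of the detection that fired
    technique: str    # ATT&CK technique id attributed by the rule
    score: int        # risk contributed by this single hit


# Hypothetical risk rules: (name, ATT&CK technique, score per hit, predicate).
# Scores are assumed; each predicate short-circuits on "type" so it never
# touches fields that other event types lack.
RISK_RULES = [
    ("Failed logon", "T1110.001", 10,
     lambda e: e["type"] == "auth" and e["result"] == "fail"),
    ("Remote admin tool launched", "T1569.002", 30,
     lambda e: e["type"] == "process" and e["image"] in {"psexec.exe", "wmic.exe"}),
    ("LDAP enumeration of admin groups", "T1087.002", 40,
     lambda e: e["type"] == "ldap" and "admin" in e["query"].lower()),
    ("Outbound to newly registered domain", "T1071.001", 40,
     lambda e: e["type"] == "dns" and e["domain_age_days"] < 7),
]

# Constructed sample telemetry (not real logs).
#   alice: one mistyped password          -> noise, must not alert
#   carol: password-spray victim, 40 fails -> one noisy rule, must not alert
#   bob:   a short kill chain across four techniques -> should alert
EVENTS = [
    {"user": "alice", "type": "auth", "result": "fail"},
    *[{"user": "carol", "type": "auth", "result": "fail"} for _ in range(40)],
    {"user": "bob", "type": "auth", "result": "fail"},
    {"user": "bob", "type": "auth", "result": "fail"},
    {"user": "bob", "type": "process", "image": "psexec.exe"},
    {"user": "bob", "type": "ldap", "query": "(memberOf=CN=Domain Admins,...)"},
    {"user": "bob", "type": "dns", "domain_age_days": 2},
]


def run_risk_rules(events):
    """Apply every risk rule to every event; return the risk events produced."""
    out = []
    for e in events:
        for name, technique, score, match in RISK_RULES:
            if match(e):
                out.append(RiskEvent(e["user"], name, technique, score))
    return out


def aggregate_risk(risk_events, per_rule_cap=60):
    """Sum risk per entity, capping what any single rule may contribute so one
    noisy detection (e.g. a brute force) cannot alone carry an entity over the
    threshold. Returns {entity: (capped_total, {techniques})}."""
    per_rule = defaultdict(int)            # (entity, rule) -> uncapped score
    techniques = defaultdict(set)
    for r in risk_events:
        per_rule[(r.entity, r.rule)] += r.score
        techniques[r.entity].add(r.technique)
    totals = defaultdict(int)
    for (entity, _rule), s in per_rule.items():
        totals[entity] += min(s, per_rule_cap)
    return {e: (totals[e], techniques[e]) for e in totals}


def risk_incidents(agg, score_threshold=100, min_techniques=3):
    """Risk incident rule: alert only on entities whose capped score and
    distinct-technique count both meet the thresholds. Returns sorted names."""
    return sorted(e for e, (score, techs) in agg.items()
                  if score >= score_threshold and len(techs) >= min_techniques)


if __name__ == "__main__":
    agg = aggregate_risk(run_risk_rules(EVENTS))
    for entity, (score, techs) in sorted(agg.items()):
        print(f"{entity:6} score={score:4} techniques={sorted(techs)}")
    print("risk incidents:", risk_incidents(agg))
```

Run as-is, only bob is raised as an incident: alice has one hit, and carol's forty failed logons are capped to a single rule's contribution and cover only one technique. Both the per-rule cap and the distinct-technique requirement are the tuning knobs a detection engineer uses to keep a single chatty source from dominating the risk index, which is where the signal-to-noise improvement actually comes from.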
Security Automation & Orchestration
Design and implement automated response playbooks using Splunk SOAR
Build integrations between security tools to enable automated investigation and response workflows
Develop scripts and automation (Python, Bash, PowerShell) to streamline SOC operations
Create reusable automation frameworks that scale across multiple use cases
Collaborate with platform engineering to ensure reliable automation infrastructure
SOC Architecture & Vision
Define what a mature SOC capability looks like using Splunk ES, SOAR, and supporting tools
Identify gaps and shortcomings in current SOC implementation and provide clear remediation guidance
Establish best practices, standards, and frameworks for detection engineering and response
Mentor platform engineering team on SOC-specific requirements and approaches
Contribute to long-term SOC strategy and capability development
Cross-Functional Collaboration
Partner with threat intelligence and threat hunting teams to operationalize research into detections
Work with SOC analysts to understand investigation workflows and improve detection quality
Collaborate with platform engineering teams to implement and maintain SOC infrastructure
Participate in incident response activities to validate and refine detection and automation capabilities
Document detection logic, playbooks, and technical architectures
Required Qualifications
SOC Experience: 5+ years in a Security Operations Center environment with exposure to mature SOC operations and best practices
SIEM Expertise: Hands-on experience with Splunk Enterprise Security or comparable enterprise SIEM platforms (building correlation searches, alerts, dashboards, and ES-specific frameworks)
Detection Engineering: Proven experience developing security detections, use cases, and alert tuning methodologies
MITRE ATT&CK Framework: Practical application of MITRE ATT&CK for detection coverage mapping and gap analysis
Security Automation: Experience building automated response workflows and playbooks (SOAR platforms preferred)
Scripting: Strong proficiency in Python, PowerShell, or Bash for automation and integration development
Cloud Security: Understanding of cloud security monitoring and detection across AWS, Google Cloud Platform, and Azure environments
Analytical Mindset: Ability to identify gaps, define clear vision for improvement, and guide teams toward maturity
Preferred Qualifications
Splunk SOAR (Phantom) hands-on experience
Splunk UEBA or behavioral analytics platform experience
Risk-Based Alerting (RBA) implementation experience
Threat hunting with detection engineering application
Infrastructure automation and CI/CD pipeline knowledge
Experience mentoring or leading detection engineering teams
Relevant certifications (GIAC, CISSP, or similar)
Team Structure & Growth Opportunity
This position reports to the Director of Security Platform Engineering and serves as an individual contributor with potential to transition into a technical lead role as the SOC engineering team expands. You will collaborate closely with SOC analysts, threat intelligence teams, threat hunters, and platform engineering teams.
The role offers the opportunity to shape SOC capabilities, establish engineering standards, and build a world-class detection and response program using industry-leading tools.
This is a position requiring demonstrated experience in mature SOC environments and the ability to provide technical vision and mentorship.
Additional Skills & Qualifications
- Experience setting up internal SOC guidance: knows what potential pitfalls to be aware of and how things should work.
- The team is running into issues where they don't know how to define a good SOC.
- Step in and help; has been part of a SOC that runs like a well-oiled machine; experience with what does and doesn't work.
- Senior level, not lead: a senior engineer, hands-on with detections.
- Most of it is built out; they just need extra help.
- Expand detections, detection engineering, vulnerabilities, scripting if needed.
- Consulting in a way: help with guidance; wouldn't own the whole process; they have an analyst team and need an engineer to point out mistakes and roadblocks.
- Splunk Enterprise Security for detections, Splunk SOAR for automation, Splunk UEBA.
- Skills could translate from other SIEM tools; Splunk could be taught, but it's what is being used currently, so candidates who already have it will have a leg up.
- Analysts will do the actual work; this role designs and improves the whole Enterprise Security deployment.
- Goal is to reduce workload for analysts: automate and take work off their hands.
- Working with the threat team; when a new vulnerability comes out, help with detections.
- Hybrid, 3 days a week on-site, in the DMV area (Rockville or Tysons).
Job Type & Location
This is a Contract position based out of Rockville, MD.
Pay and Benefits
The pay range for this position is $70.00 - $80.00/hr.
Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:
- Medical, dental & vision
- Critical Illness, Accident, and Hospital
- 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available
- Life Insurance (Voluntary Life & AD&D for the employee and dependents)
- Short and long-term disability
- Health Spending Account (HSA)
- Transportation benefits
- Employee Assistance Program
- Time Off/Leave (PTO, Vacation or Sick Leave)
Workplace Type
This is a hybrid position in Rockville, MD.
Application Deadline
This position is anticipated to close on Jan 28, 2026.
About TEKsystems:
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
- Dice Id: 101054TS
- Position Id: JP-005785473