Security Orchestration, Automation and Response (SOAR) SME - 30702 in San Antonio, TX at Alion Science and Technology

Date Posted: 9/12/2019

Job Snapshot

  • Employee Type:
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:

Job Description



The candidate will serve as the on-site SOAR SME for integration of capacities related to USAF utilization of SOAR systems with JRSS and legacy AF systems. The candidate will monitor and report on status of all SOAR efforts, in particular Demisto, to include utilization of Demisto capabilities tailored to meet USAF requirements.  Will require daily interaction with vendor personnel to ensure the full range of capabilities are leveraged to meet USAF mission requirements with a goal of automation to improve identification and response times as well as reduce impact should an incident occur.  Candidate will be expected to analyze the latest attack vectors or indicators of compromise and develop approaches to detect them across the USAF’s diverse environment and endpoints.  Position is full-time during normal duty hours at Joint Base San Antonio.  Travel (less than 25%) is required for this position.

Job Requirements:

  • 8+ years’ experience in Information Security Engineering and/or Operations
  • Experience working with SIEM log aggregation, orchestration platforms (Demisto, Phantom, etc), Elastic tools (Kibana, Search, LogStash, etc), open source security software and general data management concepts
  • Experience with object-oriented languages such as Python, JS, Go, etc.
  • Knowledge of general concepts around risk and threat management and associated frameworks and standards (NIST, OWASP, ISO, etc)
  • Ability to write Demisto scripts, troubleshoot, train and support any other technical requests
  • Comfortable working in Linux/BSD environments

Preferred Qualifications:

  • Bachelor’s or advanced degree in one of the following areas: Computer Science, Computer Engineering, Software Engineering, Electrical Engineering, Computer and Information Security, Computer Security, and/or Network Administration from an accredited university/college
  • Knowledge of TCP/IP protocols and deeper knowledge of application layer (L7) protocols like HTTP, FTP, DNS etc
  • Deconstruction and analysis of network-based vulnerabilities and exploits
  • Experience in customer-facing roles
  • Experience as a Security Incident Responder or SOC analyst/manager

Security Clearance


Top Secret/Sensitive Comp Info


Diversity Statement


We are an EOE that values our employee’s talent – regardless of gender, race, ethnicity, national origin, sexual orientation, religion or other protected characteristics – Your Talent Is Our Strength.

Alion will provide a reasonable accommodation to individuals with disabilities and disabled veterans who need assistance to apply. Please visit the Alion Careers site for more information.

U.S. Citizenship Required for the majority of our positions.

Next Steps

Next Steps


Join the Alion Talent Network today and stay up-to-date on our openings as they continue to become available! As a member of our network, you will receive alerts with new job opportunities that match your interests and have the ability to share job opportunities through social media or email. Join now!

Whether you choose to apply or just leave your information, we look forward to staying connected with you.