Position Description:
We are seeking an innovative and highly skilled AI and Automation Subject Matter Expert (SME) to lead advanced automation and orchestration initiatives across SOC, Incident Response (IR), and Threat Intelligence operations for a major federal program. This position offers a unique opportunity to combine deep expertise in security tooling automation with cutting-edge AI solutions, including Large Language Models (LLMs) and prompt engineering, to enhance detection, response, and analysis capabilities. You will be at the forefront of developing integrations, orchestrating workflows, and building automation pipelines that increase operational efficiency, accelerate incident resolution, and improve the overall security posture.
This is a hands-on technical leadership role for someone who thrives in complex, hybrid environments spanning cloud and on-premises infrastructure. You will work closely with SOC analysts, threat hunters, IR teams, and engineers to deliver automation strategies, operationalize AI/ML solutions, and integrate a wide variety of security platforms with Splunk SIEM and SOAR technologies.
Named one of the Best Places to Work in the Washington DC area for 11 consecutive years, Valiant is proud of our employee-centric culture and commitment to excellence. If you are interested in learning more about Valiant and this opportunity, we invite you to apply now!

REQUIRED EXPERIENCE:

• Active Top Secret Clearance.
• Minimum of fifteen (15) years of relevant IT and cybersecurity experience.
• Bachelor’s degree in Computer Science, Information Systems, Engineering, or related field, or four (4) additional years of experience in lieu of degree.
• Proven expertise in security automation and orchestration using tools such as Splunk SOAR/Phantom, Cortex XSOAR, or Swimlane.
• Strong development experience on Linux/UNIX platforms, including scripting in Python, Bash, or Ruby.
• Hands-on experience with Ansible Playbooks and Roles, Terraform scripting, and infrastructure-as-code for deploying and configuring systems.
• Experience integrating security tools via APIs, building automation workflows, and orchestrating multi-platform processes.
• Familiarity with CI/CD pipelines and tools such as Jenkins, with proven ability to build, maintain, and automate deployment pipelines.
• Broad security engineering knowledge, including SIEM integration, EDR solutions, network security, and cloud security in AWS and hybrid environments.
• Hands-on experience using AI/ML in security operations, including LLM-based automation, enrichment, and reporting.
• Prompt engineering skills to optimize LLM outputs for SOC, IR, and threat intelligence use cases.

• Design, implement, and maintain security automation workflows that integrate Splunk SIEM/SOAR with other enterprise security tools.
• Develop and operationalize AI/ML capabilities, including LLM-powered analytics and enrichment for SOC, IR, and threat intelligence functions.
• Build, manage, and optimize CI/CD pipelines for security automation projects, using tools such as Jenkins.
• Automate repetitive SOC, IR, and threat intelligence tasks, reducing response times and improving analyst efficiency.
• Create and manage Infrastructure-as-Code solutions with Ansible and Terraform for security infrastructure deployment and configuration.
• Develop custom Python scripts and API integrations to connect disparate security platforms and enable data-driven decision-making.
• Collaborate with SOC, IR, threat intelligence, and engineering teams to identify automation opportunities and deliver measurable improvements.
• Provide technical leadership and mentorship to engineers and analysts in automation best practices and AI/ML integration.
• Evaluate and recommend emerging security technologies, AI capabilities, and automation frameworks to improve capabilities.
• Maintain documentation for automation workflows, AI/ML models, and integration procedures to ensure operational continuity.
• Support continuous improvement initiatives, including process re-engineering, detection tuning, and orchestration enhancements.