V

Security Architect – Consultant (SIEM Engineer)

ventures unlimited inc United State
Remote
Apply
AI Summary

Design, implement, and optimize Palo Alto Cortex XSIAM and XDR platforms for a multi-tenant SOC serving state agencies. Develop detection rules, automation playbooks, and incident response processes using Python and Bash. Support Tier 1-3 SOC analysts and maintain enterprise security architecture documentation.

Key Highlights
Palo Alto Cortex XSIAM and XDR platform design and optimization
Multi-tenant enterprise SIEM implementation and support
Python and Bash automation for playbooks and incident response
Cribl log pipeline configuration and data modeling
Key Responsibilities
Design, implement, administer, and optimize Palo Alto Cortex XSIAM and Cortex XDR platforms
Engineer and support enterprise SIEM capabilities for multi-tenant environments
Develop and tune detection rules, correlation logic, threat-hunting queries, dashboards, and alert suppression
Build and maintain automation workflows, playbooks, and incident response processes using Python and Bash
Configure and optimize Cribl log pipelines, data modeling, parsing, normalization, enrichment, routing, and ingestion
Integrate cloud, endpoint, network, identity, SaaS, Linux, Windows, and custom application telemetry
Support Tier 1–Tier 3 SOC analysts through troubleshooting, threat hunting, and operational guidance
Create runbooks, SOPs, architecture documentation, and technical knowledge articles
Participate in a monthly on-call rotation supporting a 24x7 Security Operations Center
Technical Skills Required
Palo Alto Cortex XSIAM Palo Alto Cortex XDR Python Bash
Benefits & Perks
100% Remote work
Contract (W2) employment
12-month duration with high possibility of extension
Nice to Have
CISSP, Security+, or GIAC certification
Palo Alto Cortex, Cribl, or other SIEM/security platform certifications
Experience supporting Tier 1–Tier 3 SOC operations
Experience with security documentation, playbooks, and operational procedures

Job Description


Position: Security Architect – Consultant (SIEM Engineer)

Employment Type: Contract (W2)

Duration: 12 Months (High possibility of extension)

Location: 100% Remote (Preference for local South Carolina candidates who can attend occasional onsite meetings. Nationwide candidates are welcome.)

Interview Process: 1–2 Virtual Interview Rounds


Job Summary

The Client is seeking an experienced SIEM Engineer to support the Division of Information Security (DIS). This is a newly created engineering role focused on designing, implementing, optimizing, and supporting Palo Alto Cortex XSIAM, Cortex XDR, and Cribl within a large-scale, multi-tenant Security Operations Center (SOC) environment serving multiple state agencies.

Key Responsibilities

  • Design, implement, administer, and optimize Palo Alto Cortex XSIAM and Cortex XDR platforms.
  • Engineer and support enterprise SIEM capabilities for multi-tenant environments.
  • Develop and tune detection rules, correlation logic, threat-hunting queries, dashboards, and alert suppression.
  • Build and maintain automation workflows, playbooks, and incident response processes using Python and Bash.
  • Configure and optimize Cribl log pipelines, data modeling, parsing, normalization, enrichment, routing, and ingestion.
  • Integrate cloud, endpoint, network, identity, SaaS, Linux, Windows, and custom application telemetry.
  • Support Tier 1–Tier 3 SOC analysts through troubleshooting, threat hunting, and operational guidance.
  • Create runbooks, SOPs, architecture documentation, and technical knowledge articles.
  • Participate in a monthly on-call rotation supporting a 24x7 Security Operations Center.

Required Skills

  • Bachelor's degree in Information Technology, Information Security, or a related field (8+ years of relevant experience may substitute for education).
  • 5+ years supporting large enterprise IT environments or system deployments.
  • Hands-on experience with Palo Alto Cortex XSIAM and Cortex XDR.
  • Strong experience supporting SIEM platforms in multi-tenant enterprise environments.
  • Experience with detection engineering, correlation rules, analytics, dashboards, and threat hunting.
  • Strong experience creating and managing complex automation playbooks.
  • Hands-on experience with Cribl data modeling, log pipelines, parsing, normalization, enrichment, and ingestion.
  • Experience using Python and Bash for automation and integrations.
  • Experience onboarding telemetry from cloud, endpoint, network, identity, SaaS, Linux, Windows, and custom applications.
  • Strong understanding of enterprise security architecture, incident response, networking, access control, and cybersecurity frameworks.

Preferred Qualifications

  • CISSP, Security+, or GIAC certification.
  • Palo Alto Cortex, Cribl, or other SIEM/security platform certifications.
  • Experience supporting Tier 1–Tier 3 SOC operations.
  • Experience with security documentation, playbooks, and operational procedures.



Similar Jobs

Explore other opportunities that match your interests

Security Analyst

Cyber Security
5h ago
Visa Sponsorship Relocation Remote
Job Type Volunteer
Experience Level Not Applicable

val's services

United State

AI-Driven Application Security Analyst

Cyber Security
13h ago

Premium Job

Sign up is free! Login or Sign up to view full details.

•••••• •••••• ••••••
Job Type ••••••
Experience Level ••••••

sundayy

United State

Senior Cybersecurity Engineer - Cloud & OT Security

Cyber Security
18h ago

Premium Job

Sign up is free! Login or Sign up to view full details.

•••••• •••••• ••••••
Job Type ••••••
Experience Level ••••••

solv energy

United State

Subscribe our newsletter

New Things Will Always Update Regularly