A

Senior Security Architect Consultant - SIEM Engineer

Accord Technologies Inc • United State
Remote
Apply
AI Summary

Seeking an experienced SIEM Engineer to design, implement, and optimize enterprise security monitoring platforms. This role requires deep hands-on expertise with Palo Alto Cortex XSIAM/XDR, SIEM engineering, and SOC operations. Key responsibilities include threat detection, automation, and platform reliability in a remote, W2 contract position.

Key Highlights
Design, implement, and optimize enterprise security monitoring and response platforms.
Deep hands-on expertise with Palo Alto Cortex XSIAM, Cortex XDR, SIEM engineering, and SOC operations.
Requires experience with Cribl, log pipelines, data modeling, automation using Python/Bash, and incident response.
Key Responsibilities
Design, deploy, configure, and maintain Cortex XSIAM.
Administer and optimize Cortex XDR capabilities.
Support enterprise SIEM architecture and operations.
Configure multi-tenant environments and tenant-specific settings.
Implement role-based access controls and data segregation.
Build and maintain dashboards, reports, and operational metrics.
Develop detection rules, correlation rules, and analytics.
Create threat-hunting queries, watchlists, and detection use cases.
Tune alerts and suppression logic to reduce false positives.
Develop and maintain automated response workflows.
Create playbooks for enrichment, triage, containment, and escalation.
Integrate SIEM/XDR platforms with ticketing and case-management tools.
Support threat-intelligence, identity, notification, and enterprise-system integrations.
Design and optimize Cribl data models and log pipelines.
Perform log routing, parsing, normalization, enrichment, filtering, replay, and ingestion.
Onboard cloud, endpoint, network, identity, SaaS, Linux, Windows, and custom-application telemetry.
Monitor data ingestion health, platform availability, and alert volumes.
Optimize log volume, retention, platform performance, and operational costs.
Support incident response, technical escalations, and SOC analyst handoffs.
Assist Tier 1 through Tier 3 analysts with troubleshooting and detection tuning.
Create runbooks, SOPs, escalation matrices, troubleshooting guides, and architecture diagrams.
Maintain data-flow documentation, use-case catalogs, and analyst knowledge articles.
Ensure high availability, backup, recovery, lifecycle management, and controlled changes.
Apply secure-system-design principles, access controls, and cybersecurity best practices.
Use Python and Bash to develop automation, integrations, and response workflows.
Collaborate with technical and business stakeholders to align solutions with security, compliance, and risk requirements.
Technical Skills Required
Palo Alto Cortex XSIAM Palo Alto Cortex XDR SIEM Engineering
Benefits & Perks
Remote
W2 Contract
Nice to Have
Bachelor's degree in IT, Information Security, or a related field
CISSP certification
Security+ certification
GIAC certification
Palo Alto Cortex certification
Cribl certification
Related SIEM/security-platform credentials

Job Description


Title: Security Architect Consultant SIEM Engineer

Location: Remote

Position Type: W2 Contract

Job Description: We are seeking an experienced SIEM Engineer to design, implement, administer, and optimize enterprise security monitoring and response platforms. This role requires deep hands-on expertise with Palo Alto Cortex XSIAM, Cortex XDR, SIEM engineering, and SOC operations in large-scale, multi-tenant environments. The consultant will partner with security architects, engineers, and analysts to strengthen detection, response, threat-hunting, automation, and platform reliability capabilities.

The ideal candidate has strong experience with Cribl, log pipelines, data modeling, telemetry onboarding, incident response, and security automation using Python and Bash. This fully remote role includes participation in a monthly on-call rotation supporting a 24x7 security operations environment, with occasional after-hours maintenance or incident-escalation support as needed. Successful candidates must meet required background, credit, drug-screening, and ongoing security-certification requirements.

  • Design, deploy, configure, and maintain Cortex XSIAM.
  • Administer and optimize Cortex XDR capabilities.
  • Support enterprise SIEM architecture and operations.
  • Configure multi-tenant environments and tenant-specific settings.
  • Implement role-based access controls and data segregation.
  • Build and maintain dashboards, reports, and operational metrics.
  • Develop detection rules, correlation rules, and analytics.
  • Create threat-hunting queries, watchlists, and detection use cases.
  • Tune alerts and suppression logic to reduce false positives.
  • Develop and maintain automated response workflows.
  • Create playbooks for enrichment, triage, containment, and escalation.
  • Integrate SIEM/XDR platforms with ticketing and case-management tools.
  • Support threat-intelligence, identity, notification, and enterprise-system integrations.
  • Design and optimize Cribl data models and log pipelines.
  • Perform log routing, parsing, normalization, enrichment, filtering, replay, and ingestion.
  • Onboard cloud, endpoint, network, identity, SaaS, Linux, Windows, and custom-application telemetry.
  • Monitor data ingestion health, platform availability, and alert volumes.
  • Optimize log volume, retention, platform performance, and operational costs.
  • Support incident response, technical escalations, and SOC analyst handoffs.
  • Assist Tier 1 through Tier 3 analysts with troubleshooting and detection tuning.
  • Create runbooks, SOPs, escalation matrices, troubleshooting guides, and architecture diagrams.
  • Maintain data-flow documentation, use-case catalogs, and analyst knowledge articles.
  • Ensure high availability, backup, recovery, lifecycle management, and controlled changes.
  • Apply secure-system-design principles, access controls, and cybersecurity best practices.
  • Use Python and Bash to develop automation, integrations, and response workflows.
  • Collaborate with technical and business stakeholders to align solutions with security, compliance, and risk requirements.
  • Bachelor s degree in IT, Information Security, or a related field preferred; relevant experience may substitute.
  • Preferred certifications include CISSP, Security+, GIAC, Palo Alto Cortex, Cribl, or related SIEM/security-platform credentials.

Similar Jobs

Explore other opportunities that match your interests

Security Analyst

Cyber Security
•
6h ago
Visa Sponsorship Relocation Remote
Job Type Volunteer
Experience Level Not Applicable

val's services

United State

AI-Driven Application Security Analyst

Cyber Security
•
13h ago

Premium Job

Sign up is free! Login or Sign up to view full details.

•••••• •••••• ••••••
Job Type ••••••
Experience Level ••••••

sundayy

United State

Senior Cybersecurity Engineer - Cloud & OT Security

Cyber Security
•
19h ago

Premium Job

Sign up is free! Login or Sign up to view full details.

•••••• •••••• ••••••
Job Type ••••••
Experience Level ••••••

solv energy

United State

Subscribe our newsletter

New Things Will Always Update Regularly