
XSIAM Security Consultant only on W2

Required Skills:

  • 10+ years in SOC roles (analyst/engineer/architect/consultant).
  • Proven deployment and operation of XSIAM (or Cortex XDR/XSOAR in an XSIAM context).
  • QRadar expertise (rules, log sources/flows, reference sets, AQL).
  • CP4S SOAR/case management experience; ability to translate workflows across platforms.
  • Participation in at least one enterprise-scale SIEM/SOAR migration.
  • XQL proficiency; detection rule development.
  • SIEM normalization, log source onboarding, and field mapping.
  • SOAR playbook design and workflow automation.
  • MITRE ATT&CK-based detection engineering and gap analysis.
  • Telemetry across cloud, endpoint, network, and identity.
  • Scripting for integrations/automation (Python, JavaScript, or similar).
  • Strong SOC operations knowledge (triage, hunting, IR, shift handover, tuning/false-positive reduction, threat intel operationalization).

Preferred:

  • Palo Alto certifications (PCCSA/PCNSA/XSIAM/XSOAR training).
  • QRadar certification (or equivalent depth).
  • Regulated industry experience (FSI, government, healthcare).
  • Logging/data pipeline familiarity (Syslog-ng, Kafka, Cribl, etc.).
  • Purple team or detection-as-code background.

Responsibilities:

As Senior Security Operations Platform Engineer, you will partner with SOC leadership, engineering, and stakeholders to ensure the migration is not a tool swap but a measurable uplift in detection, response, and operational maturity.

Key Responsibilities

SOC Process Transformation

  • Assess current triage, escalation, SLAs, and operating rhythms.
  • Redesign workflows to align with XSIAM (correlation, automated triage, AI-driven prioritization).
  • Build and implement incident response playbooks and automation rules in XSIAM.
  • Define KPIs, metrics, and dashboards to improve SOC visibility and performance.

Platform Migration & Deployment

  • Lead end-to-end migration of SIEM/SOAR capabilities from QRadar/CP4S to XSIAM.
  • Inventory and translate CP4S playbooks/runbooks into XSIAM automations.
  • Establish content lifecycle management for multi-tenancy, tuning, and optimization.
  • Define common workflows (incident/shift management, automation development, knowledge management).
  • Ensure alert fidelity, data integrity, and coverage continuity through cutover.

Modern SOC Architecture & Advisory

  • Advise on next-gen SOC design across people, process, technology, and governance.
  • Close detection gaps using XSIAM's unified data model, UEBA, threat intel, and attack surface management.
  • Recommend SOC structure (tiering), automation-first strategies, and response patterns.
  • Mentor and upskill staff on XSIAM operations, XQL, and platform-native automation.

Stakeholder Engagement & Documentation

  • Produce migration plans, technical designs, runbooks, and post-implementation reporting.
  • Provide regular updates on progress, risks, and recommendations to senior leadership.
  • Coordinate with Palo Alto professional services and internal engineering as needed.

Expected Deliverable(s):

  • Log source parsers and data normalization
  • Log pipeline implementation
  • SOC analyst workflows and automations
  • Cybersecurity use-case detections and tuning

Job Type: Full-time

Experience:

  • XSIAM : 5 years (Required)
  • SOC: 10 years (Required)

Ability to Commute:

  • New York, NY 10040 (Required)

Work Location: Hybrid remote in New York, NY 10040

© 2026 Qureos. All rights reserved.