Haystack
← Back to Jobs
Remote
Administrative

Security Architect - SIEM Engineer

Xylo Technologies, Inc.United States🇺🇸United StatesPosted 17 Jul 2026

Quick Overview

Work Type
Remote
Level
Mid Senior

Job Description

Title: Security Architect - Consultant (SIEM Engineer)

Duration: 12 Months

Remote

 

Why is this position open: New Position to assist the Division of Information Security (DIS).

Interview Process: 1-2 Rounds of Virtual Interviews. In person availability for interviews preferred.

Work Location: Role is 100% Remote. Preference will be given to local candidates who can come to the office as needed for client and departmental meetings, trainings, and other onsite activities.

Candidate location: No South Carolina residency required. Open to nationwide candidates. All travel-related costs for onsite work will be the responsibility of the resource no matter the frequency of onsite work.

 

Required Skills

Bachelor''s Degree in an Information Technology or Information Security related field (8+ years of relevant work experience may be substituted in lieu of education)

5+ years of experience support large IT environments and/or system deployments

Hands-on experience with Palo Alto Cortex, XSIAM, and Cortex XDR design, implementation, administration and operational support.

Experience engineering and supporting SIEM capabilities for multi-tenant environments and 24x7 Security Operations Center operations.

Experience developing and tuning detections, correlation rules, analytics, threat-hunting queries, dashboards, reporting and alert suppression logic.

Experience creating and managing complex playbooks

CRIBL Data Modeling, log pipeline design, parsing, normalization, enrichment, routing and ingestion.

Experience developing automation, integrations, playbooks and response workflows using scripting languages such as Python and Bash.

Experience onboarding and troubleshooting telemetry from cloud, endpoint, network, identity, SaaS, Linux, Windows and custom application sources.

Strong understanding of enterprise security architecture, incident response, networking, access control, secure system design and industry-standard cybersecurity frameworks.

Preferred Skills

CISSP, Security+ or GIAC certification

Palo Alto Cortex, Cribl or other relevant SIEM/security platform certification

Hands-on experience operating Cortex XSIAM and Cortex XDR in a large, multi-tenant environment.

Hands-on Cribl administration, data modeling and log pipeline optimization experience.

Experience supporting Tier 1 through Tier 3 SOC analysts, threat hunting, incident response and 24x7 operational handoffs.

Familiarity with industry-standard security and compliance frameworks and experience developing playbooks, runbooks, procedures and technical documentation.

Similar jobs