Looking for Security Architect - Consultant (SIEM Engineer)
Why This Role Stands Out
This remote Security Architect role offers a fantastic opportunity to leverage your SIEM expertise within a dynamic consulting environment, with the potential for extension on this 12-month contract. You'll thrive if you are a seasoned professional with a strong IT security background, eager to contribute to impactful projects and further develop your skills. Apply today to explore this engaging position!
Quick Overview
Job Description
Security Architect - Consultant (SIEM Engineer)
Interview Process: 1-2 Rounds of Virtual Interviews. In person availability for interviews preferred.
Duration of the Contract: 12 Months
Possibility for Extension: Yes
Work Location: Role is 100% Remote. Preference will be given to local candidates who can come to the office as needed for client and departmental meetings, trainings, and other onsite activities.
Candidate location: No South Carolina residency required. Open to nationwide candidates. All travel-related costs for onsite work will be the responsibility of the resource no matter the frequency of onsite work.
Required Skills
· Bachelor''s Degree in an Information Technology or Information Security related field (8+ years of relevant work experience may be substituted in lieu of education)
· 5+ years of experience support large IT environments and/or system deployments
· Hands-on experience with Palo Alto Cortex, XSIAM, and Cortex XDR design, implementation, administration and operational support.
· Experience engineering and supporting SIEM capabilities for multi-tenant environments and 24x7 Security Operations Center operations.
· Experience developing and tuning detections, correlation rules, analytics, threat-hunting queries, dashboards, reporting and alert suppression logic.
· Experience creating and managing complex playbooks
· CRIBL Data Modeling, log pipeline design, parsing, normalization, enrichment, routing and ingestion.
· Experience developing automation, integrations, playbooks and response workflows using scripting languages such as Python and Bash.
· Experience onboarding and troubleshooting telemetry from cloud, endpoint, network, identity, SaaS, Linux, Windows and custom application sources.
· Strong understanding of enterprise security architecture, incident response, networking, access control, secure system design and industry-standard cybersecurity frameworks.
Preferred Skills
· CISSP, Security+ or GIAC certification
· Palo Alto Cortex, Cribl or other relevant SIEM/security platform certification
· Hands-on experience operating Cortex XSIAM and Cortex XDR in a large, multi-tenant environment.
· Hands-on Cribl administration, data modeling and log pipeline optimization experience.
· Experience supporting Tier 1 through Tier 3 SOC analysts, threat hunting, incident response and 24x7 operational handoffs.
· Familiarity with industry-standard security and compliance frameworks and experience developing playbooks, runbooks, procedures and technical documentation.
Similar jobs
Vendor Security Management Specialist
StratEdge It consulting INC · Austin, United States
10 minutes agoJourneyman Cyber Security Engineer (Splunk/TS) - USSOCOM EDAT Zero Trust
Kentro · Tampa, United States
1 hour agoJourneyman Cyber Security Engineer (Splunk/SIPR) - USSOCOM EDAT Zero Trust
Kentro · Tampa, United States
1 hour agoProduct Security Analyst (Mid-Senior) with Security Clearance
Boeing · Seattle, United States
2 hours ago$148.8k - $201.3k/yrSenior Splunk Cyber Security Engineer
MANTECH · Chantilly, United States
2 hours agoSAP Security Analyst
SAIC · Arlington, United States
2 hours ago$120.0k - $160k/yr