All Jobs Vacancy

Security Architect - SIEM Engineer

Posted 1 day ago by Xylo Technologies, Inc.

Title: Security Architect - Consultant (SIEM Engineer)

Duration: 12 Months

Remote

Why is this position open: New Position to assist the Division of Information Security (DIS).

Interview Process: 1-2 Rounds of Virtual Interviews. In person availability for interviews preferred.

Work Location: Role is 100% Remote. Preference will be given to local candidates who can come to the office as needed for client and departmental meetings, trainings, and other onsite activities.

Candidate location: No South Carolina residency required. Open to nationwide candidates. All travel-related costs for onsite work will be the responsibility of the resource no matter the frequency of onsite work.

Required Skills

  • Bachelor's Degree in an Information Technology or Information Security related field (8+ years of relevant work experience may be substituted in lieu of education)
  • 5+ years of experience support large IT environments and/or system deployments
  • Hands-on experience with Palo Alto Cortex, XSIAM, and Cortex XDR design, implementation, administration and operational support.
  • Experience engineering and supporting SIEM capabilities for multi-tenant environments and 24x7 Security Operations Center operations.
  • Experience developing and tuning detections, correlation rules, analytics, threat-hunting queries, dashboards, reporting and alert suppression logic.
  • Experience creating and managing complex playbooks
  • CRIBL Data Modeling, log pipeline design, parsing, normalization, enrichment, routing and ingestion.
  • Experience developing automation, integrations, playbooks and response workflows using scripting languages such as Python and Bash.
  • Experience onboarding and troubleshooting telemetry from cloud, endpoint, network, identity, SaaS, Linux, Windows and custom application sources.
  • Strong understanding of enterprise security architecture, incident response, networking, access control, secure system design and industry-standard cybersecurity frameworks.

Preferred Skills

  • CISSP, Security+ or GIAC certification
  • Palo Alto Cortex, Cribl or other relevant SIEM/security platform certification
  • Hands-on experience operating Cortex XSIAM and Cortex XDR in a large, multi-tenant environment.
  • Hands-on Cribl administration, data modeling and log pipeline optimization experience.
  • Experience supporting Tier 1 through Tier 3 SOC analysts, threat hunting, incident response and 24x7 operational handoffs.
  • Familiarity with industry-standard security and compliance frameworks and experience developing playbooks, runbooks, procedures and technical documentation.
Rate:
£0/year
Location:
Remote
IR35 Status:
Outside
Remote Status:
Remote
Industry:
Cybersecurity
Seniority Level:
Senior

Take-Home Pay

Not Available

Visit calculators for additional details

Create a free account to view the take-home pay for this contract

Share job