Serve as the primary technical advisor for assigned strategic customer accounts
Develop and maintain trusted advisor relationships with customer security teams and leadership
Understand customer security operations workflows, use cases, and business objectives
Mentor customer teams on SIEM best practices and threat hunting techniques
Guide customers through Next-Gen SIEM deployment, configuration, and integration
Optimize data ingestion strategies and log source configurations
Design and implement custom detection rules, correlation searches, and use cases
Develop dashboards, reports, and visualizations tailored to customer requirements
Assist with migration of detection content from legacy SIEM platforms (Splunk, QRadar, etc.)
Perform health checks and platform optimization reviews
Troubleshoot complex technical issues and coordinate with engineering teams as needed
Track and report on key performance indicators and success metrics
Identify opportunities for automation and workflow improvements
Contribute to internal knowledge base and best practices documentation

Requirements

2+ years of experience in security operations, SIEM administration, or security engineering
Familiarity with at least one major SIEM platform (Next-Gen SIEM, LogScale, Splunk, QRadar, Sentinel, Chronicle, etc.)
Understanding of query languages (SQL, SPL, KQL, CQL, or similar)
Experience with detection engineering and correlation rule development
Knowledge of common log sources (Windows, Linux, network devices, cloud platforms)
Familiarity with scripting/automation (Python, PowerShell, Bash)
Understanding of cloud security (AWS, Azure, GCP, OCI)
Familiarity with endpoint detection and response (EDR) concepts
Exceptional communication skills with ability to explain technical concepts to varied audiences
Strong presentation and training delivery capabilities
Self-motivated with excellent time management and prioritization skills
Customer-focused mindset with commitment to driving customer success
Ability to work independently in a remote/embedded environment
Strong problem-solving and analytical thinking abilities
Experience with CrowdStrike Falcon platform and Next-Gen SIEM (Bonus)
CrowdStrike certification (CCFA, CCFH, or similar) (Bonus)
Previous consulting or customer-facing technical role experience (Bonus)
Industry certifications (CISSP, GCIA, GCIH, CEH, or similar) (Bonus)
Experience with SOAR platforms and security automation (Bonus)
Knowledge of threat intelligence platforms and frameworks (Bonus)

Benefits

Market leader in compensation and equity awards
Comprehensive physical and mental wellness programs
Competitive vacation and holidays for recharge
Paid parental and adoption leaves
Professional development opportunities for all employees regardless of level or role
Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
Vibrant office culture with world class amenities
Great Place to Work Certified™ across the globe

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

SIEM administrationdetection engineeringcorrelation rule developmentquery languagesscriptingcloud securityendpoint detection and responsedata ingestion strategieslog source configurationsautomation

Soft Skills

communication skillspresentation skillstraining deliverytime managementprioritizationcustomer-focused mindsetproblem-solvinganalytical thinkingself-motivatedindependent work

Certifications

CrowdStrike certificationCISSPGCIAGCIHCEH