
Principal Consultant – SOC Transformation, XSIAM Deployment
Palo Alto Networks
full-time
Location Type: Remote
Location: Remote • 🇸🇦 Saudi Arabia
Job Level
Lead
Tech Stack
Cloud, Splunk
About the role
- serve as the lead strategic advisor and subject matter expert for customers undertaking a full-scale SOC modernization with XSIAM
- lead multi-national SOC transformation programs, consolidating fragmented detection and response processes into a unified, AI-driven platform
- direct enterprise-scale XSIAM deployments, guiding customers from initial strategy to full operationalization
- devise and oversee comprehensive log ingestion strategies to ensure high-quality data fuels the XSIAM platform
- architect and implement sophisticated detection strategies and correlation rules to fortify customer defenses against advanced threats
- fine-tune and optimize log sources and correlation rules to maximize system performance and detection efficacy
- identify opportunities to enhance analyst alert handling and response through automation
- transform ambiguity into structured action plans, driving accountability at every level of a customer engagement
- build and mentor high-performing professional services teams that blend consulting, engineering, and change management expertise
- partner with Product and R&D teams to incorporate field insights into roadmap priorities
Requirements
- 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments
- 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows
- hands-on technical mastery across SIEM, SOAR, EDR, cloud security, and threat intelligence
- ability to conceive, architect, and develop effective correlation and detection rules
- familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus
- strong expertise in Regular Expressions (Regex)
- relevant bachelor's degree or industry-recognized qualifications (CISSP, GIAC, etc.) is a plus
- must be able to travel up to 30%
Benefits
- flexible work arrangement
- professional development
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
SIEM, SOAR, EDR, cloud security, threat intelligence, correlation rules, detection strategies, log ingestion, Regular Expressions, AI-driven platforms
Soft skills
strategic advisor, leadership, mentoring, consulting, change management, accountability, problem-solving, communication, team building, automation
Certifications
CISSP, GIAC