
Professional Services Consultant, XSIAM
Palo Alto Networks
Full-time
Location Type: Remote
Location: Remote • Texas • 🇺🇸 United States
Salary
💰 $140,000 - $192,500 per year
Job Level
Mid-Level, Senior
Tech Stack
Cloud, Splunk
About the role
- Collaborate with the technical lead to devise a comprehensive log ingestion strategy
- Contribute to the development of detection strategies based on industry best practices
- Articulate a step-by-step process to ensure the ingestion of high-quality log sources
- Monitor and optimize log sources for optimal performance
- Create meticulous and effective correlation rules
- Fine-tune log sources and correlation rules to enhance system efficiency
- Serve as the subject matter expert (SME) in SIEM, correlation, and log source ingestion
- Serve as a trusted advisor to end customers, offering consultative guidance and expertise in optimizing the utilization of Cortex XSIAM
- Leverage SIEM and SOC knowledge to assess customer needs and provide tailored recommendations
- Collaborate closely with customers to translate challenges into actionable security improvements
- Identify opportunities to enhance analyst alert handling through automation
- Foster collaboration with internal and external teams to drive product adoption
- Produce technical documentation detailing SIEM aspects of the engagement
- Occasionally travel to customer meetings and workshops (up to 10% of the time)
Requirements
- Exceptional written and verbal communication and presentation skills
- 6+ years of hands-on experience deploying and integrating SIEM solutions in enterprise and large-enterprise environments
- Proficiency in coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring using SIEM platforms
- Ability to conceive and develop correlation and detection rules in SIEM systems to enable effective alerting
- Familiarity with SIEM technologies such as Splunk and IBM QRadar
- Proven experience in providing consultative services to end customers in SIEM and SOC domains
- Demonstrated ability to analyze complex security environments and deliver strategic recommendations
- Strong expertise in Regular Expressions (Regex)
- Skill in understanding logs and locating relevant third-party documentation
- Knowledge of generating reports on SIEM status and performance indicators (logging source count, log collection rate, etc.)
- Understanding of Security Analysis & Response (endpoint, network, cloud) is a plus
- Proficient in comprehending and creating technical design documentation
- 4 years of experience with Security Operations Centers (SOC) tooling and processes
- Relevant bachelor's degree or industry-recognized qualifications (CISSP, GIAC, SIEM vendor qualification, etc.) is a plus
Benefits
- The offered compensation may include restricted stock units
- Bonus
- Employee benefits (description/link provided)
- Employees can work remotely
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
SIEM solutions, log management, event management, compliance automation, identity monitoring, correlation rules, detection rules, Regular Expressions, technical design documentation, Security Analysis & Response
Soft skills
written communication, verbal communication, presentation skills, consultative guidance, collaboration, analytical skills, customer engagement, strategic recommendations, problem-solving, technical documentation
Certifications
CISSP, GIAC, SIEM Vendor Qualification