Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Sunshine Enterprise USA

SIEM Engineer – Contract

Sunshine Enterprise USA

Security Architect Consultant – SIEM Engineer role at Sunshine Enterprise USA. Focus on Palo Alto Cortex XSIAM and Cortex XDR implementation and operational support in multi-tenant environments.

Posted 7/15/2026contractColumbia • South Carolina • 🇺🇸 United StatesSeniorLeadWebsite

Core Competencies

Role fit
Core Competencies

Use this summary to align your resume positioning with the role.

Demonstrates extensive expertise in Palo Alto Cortex XSIAM and Cortex XDR platforms, with a strong focus on detection engineering, automation development using Python and Bash, and multi-tenant SIEM environment management. Proven ability to support SOC operations and enhance enterprise security architecture through effective collaboration and incident response.

Highest-signal resume keywords
Palo Alto Cortex XSIAMPalo Alto Cortex XDRDetection EngineeringCribl AdministrationIncident Response

ATS Keywords

Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills
Detection RulesCorrelation RulesThreat HuntingAnalyticsLog Pipeline DesignData ModelingParsingNormalizationAutomation DevelopmentAlert Tuning
Soft Skills
CollaborationTroubleshootingKnowledge Transfer
Tools & Technologies
SIEMPythonBashCriblDashboards
Industry Keywords
Security Operations CenterMulti-Tenant EnvironmentsEnterprise Security ArchitectureCybersecurity FrameworksIdentity & Access Management

Tech Stack

Tools & technologies
CloudCyber SecurityLinuxPython

About the role

Key responsibilities & impact
  • Design, implement, configure, and maintain Palo Alto Cortex XSIAM and Cortex XDR platforms.
  • Support multi-tenant SIEM environments, including tenant onboarding, role-based access, data segregation, dashboards, and reporting.
  • Develop and optimize: Detection rules, Correlation rules, Analytics, Threat hunting queries, Watchlists, Alert suppression logic
  • Design and manage Cribl log pipelines, including: Data modeling, Parsing, Normalization, Enrichment, Routing, Filtering, Replay, Log ingestion
  • Integrate telemetry from cloud, endpoint, network, identity, SaaS, Linux, Windows, and custom applications.
  • Develop and maintain automated playbooks and response workflows using Python and Bash.
  • Support incident response, threat hunting, and SOC operations.
  • Create and maintain: Runbooks, SOPs, Architecture diagrams, Data flow documentation, Knowledge articles
  • Support Tier 1–Tier 3 SOC analysts through troubleshooting, tuning, and knowledge transfer.
  • Monitor SIEM health, ingestion, availability, detection coverage, false positives, MTTD, MTTR, and operational metrics.
  • Ensure platform resilience, backup, recovery, lifecycle management, and change control.
  • Collaborate with security architects, engineers, analysts, and business stakeholders to improve enterprise security capabilities.

Requirements

What you’ll need
  • 10+ Years of experience in Security Architect Consultant – SIEM Engineer role
  • Hands-on experience with Palo Alto Cortex XSIAM and Cortex XDR architecture, implementation, administration, and operational support
  • Experience supporting enterprise SIEM platforms within large multi-tenant environments
  • Experience supporting 24x7 Security Operations Centers (SOC)
  • Strong detection engineering experience including:
  • Correlation rules
  • Threat hunting
  • Analytics
  • Dashboards
  • Alert tuning
  • False-positive reduction
  • Hands-on Cribl administration including:
  • Data modeling
  • Log pipeline design
  • Parsing
  • Normalization
  • Enrichment
  • Routing
  • Ingestion
  • Experience developing automation using:
  • Python
  • Bash
  • Experience onboarding cloud, endpoint, network, identity, SaaS, Windows, Linux, and custom application telemetry.
  • Strong knowledge of:
  • Enterprise security architecture
  • Incident response
  • Secure system design
  • Networking
  • Identity & Access Management
  • Cybersecurity frameworks

Benefits

Comp & perks
  • remote work options
  • Professional development opportunities