Overview:Palo Alto’s XSIAM (Extended Security Intelligence & Automation Management) platform brings together data ingestion, analytics, automation, and threat detection/response into a unified SOC solution. You must have prior experience coordinating & conducting event collection, log management, event management, compliance automation, and identity monitoring activities using (SIEM) platforms. You will contribute to detection strategy based on Industry best practices as well as perform log source monitoring and optimization. Since we are building a product matrix for XSIAM with L1, L2, and L3 roles, we will align your responsibilities with the core functional areas of the platform.Requirements:1. Must have 2-10+ years of deploying and integrating (SIEM) to enterprise to large enterprise-level- {Palo Alto’s XSIAM Preferred }Ability to understand logs, locating and understanding 3rd party documentation where needed • The ability to create and develop correlation and detection rules, within a (SIEM) to support alerting capabilities• Knowledge of Security Analysis & Response a plus, including both endpoint, network & cloud-based environments2. Should have prior experience working with and deploying a variety of SIEM technologies (i.e. Splunk, IBM QRadar)3. Experience with Security Operation Centers tooling and processes4. L3 personnel will bee a Subject Matter Expert (SME) for SIEM, Correlation, and Log Source Ingestion5. Experience with leading a high-performance engineering team in a professional services environment6. Strong coaching skills. Able to provide constructive criticism in a positive manner.7. A self-starter who exudes positive energy and can rally those around them to a common goal.
Job Title
SIEM Engineer