Sr Professional Services Architect XSIAM

Your Career

As a Principal Professional Services Architect for Cortex XSIAM you will serve as a senior technical and strategic leader bridging complex service delivery with long-term customer success this hybrid role you will spend your time delivering billable engagements such as data onboarding correlation engineering and automation design. You would partner with customers as their strategic advisor and architect driving platform adoption maturity and measurable security outcomes.

Youll engage with CISOs SOC leaders and security engineering teams at some of our largest and most strategic customers to design scalable ingestion architectures help customers evolve their detection strategy and partner with them on SOC transformation initiatives. Your work will focus on co-creating solutions with customers refining existing processes aligning them with XSIAM capabilities and providing best-practice recommendations to accelerate adoption and value realization.

Your Impact

Billable Engagements (45%)

• Architect and deliver data ingestion pipelines ensuring telemetry from diverse sources (endpoint network cloud identity) is normalized high-quality and aligned with best practices

• Design and implement custom correlation logic detections to address customer-specific use cases leveraging platform capabilities and reference content not building detections from scratch

• Advise on detection strategies by mapping customer threat models and operational needs to actionable detection use cases ensuring alignment with Cortexs research-driven detection content

• Review refine and recommend improvements to existing incident response workflows and automation playbooks aligning them with XSIAM capabilities and industry best practices while respecting established customer processes

• Mentor and enable customer SOC teams on alert triage optimization enrichment strategies and continuous detection tuning

• Produce and deliver technical documentation architecture diagrams runbooks and operational guides that support ongoing SOC operations

• Conduct workshops and hands-on sessions to transfer knowledge and upskill customer teams on the effective use of XSIAM.

Principal Customer Success Architect (55%)

• Serve as a trusted advisor to CISOs SOC Directors and security engineering leaders shaping their long-term XSIAM adoption strategy and architecture roadmap

• Lead architecture design sessions maturity assessments and strategic workshops to translate business objectives into actionable technical plans

• Design and deliver reference architectures best-practice frameworks and operational blueprints in collaboration with customer teams enabling them to evolve and sustain their SOC capabilities

• Provide strategic recommendations to enhance SOC maturity including ingestion strategies detection priorities automation approaches and operational workflows

• Identify opportunities for optimization automation and expansion within the customer environment guiding them toward continuous improvement and advanced use of XSIAM features

• Act as the technical escalation point and strategic liaison across customer product and internal engineering teams to ensure platform adoption and success metrics are achieved

• Capture and relay customer feedback to internal product and engineering teams influencing roadmap priorities and feature evolution.

Qualifications :

Your Experience 

• 10 years in Security Operations SIEM detection engineering or related roles with at least 4 years in an architecture advisory or leadership capacity

• Proven experience leading enterprise-scale SOC or SIEM transformation projects from design to operationalization

• Deep expertise in SIEM platforms (Cortex XSIAM Splunk QRadar Sentinel etc.) and security analytics methodologies

• Strong background in log ingestion normalization enrichment correlation engineering and detection strategy design

• Experience designing or improving automation workflows SOAR integrations and response playbooks based on existing operational processes

• Strong consultative skills and experience engaging directly with executive stakeholders to align security strategies with business goals

• Hands-on knowledge of threat hunting detection engineering and SOC optimization practices

• Proficiency with Regex log parsing and telemetry schema design

• Familiarity with MITRE ATT&CK NIST CSF and SOC maturity models

• Exceptional communication and presentation skills with the ability to translate complex technical topics for technical and non-technical audiences

• Bachelors degree in a relevant field or equivalent experience; certifications such as CISSP GIAC or SIEM vendor credentials are preferred.

Additional Information :

The Team

Our Professional Services and Customer Success organizations are at the forefront of customer enablement and platform adoption. We partner deeply with clients to help them operationalize Cortex XSIAM evolve their SOC capabilities and stay ahead of an ever-changing threat landscape. As a Principal architect youll operate at the intersection of delivery and advisory - shaping architectures driving adoption strategies and enabling customers to achieve measurable outcomes and long-term success.

Why Youll Love This Role

• Youll influence the security posture of some of the worlds largest and most sophisticated enterprises

• Youll operate at the strategic intersection of technical delivery advisory and architecture shaping how customers build and evolve their SOC

• Youll work with cutting-edge security analytics automation and AI-driven detection technologies at massive scale

• Youll become a trusted advisor and thought leader not just an implementer but enabling customers to transform their operations and achieve meaningful results

Our Commitment

Were problem solvers that take risks and challenge cybersecuritys status quo. Its simple: we cant accomplish our mission without diverse teams innovating together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need please contact us at  .

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace and all qualified applicants will receive consideration for employment without regard to age ancestry color family or medical care leave gender identity or expression genetic information marital status medical condition national origin physical or mental disability political affiliation protected veteran status race religion sex (including pregnancy) sexual orientation or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.

Remote Work :

No

Employment Type :

Full-time