Extended Expertise consultant (Professional Services)

Your Career

As a SIEM Engineer for Cortex XSIAM you will be responsible for assisting with the log migration and detection strategy of our customers. You will work closely with the technical lead to ensure that all of the relevant log sources are onboarded and ingested into XSIAM in accordance with industry best practices and customer requirements. You will then work to determine a suitable detection strategy helping to protect customers from threats by designing and implementing correlation rules.

Your Impact

• Work with technical lead to develop log ingestion strategy

• Contribute to detection strategy based on industry best practices

• Detail step by step process to ingest high quality log sources

• Perform log source monitoring and optimization

• Create high quality correlation rules

• Tune log sources and correlation rules

• Be an SME for SIEM Correlation and Log Source Ingestion

• Recognize opportunities where automation can improve analyst alert handling

• Collaborate with internal and external teams to ensure product adoption

• Create technical documentation detailing SIEM aspects of the engagement

• Travel to customer meetings and workshops as needed (10%)

Qualifications :

Your Experience 

• Strong communication (written and verbal) and presentation skills both internally and externally 

• Fluent English is a requirement 

• 8 years of deploying and integrating (SIEM) to enterprise to large enterprise-level 

• Coordinating and conducting event collection log management event management compliance automation and identity monitoring activities using (SIEM) platforms 

• The ability to create and develop correlation and detection rules within a (SIEM) to support alerting capabilities 

• Experience working with and deploying a variety of SIEM technologies (i.e Splunk IBM QRadar) 

• A proven ability to offer suggestions on detection strategy based on customer requirements 

• Strong Regular Expression skills 

• Ability to understand logs locating and understanding 3rd party documentation where needed 

• Familiarity with reports on the status of the SIEM to include metrics on items such as number of logging sources - log collection rate and other performance metrics 

• Knowledge of Security Analysis & Response a plus including both endpoint network & cloud based environments 

• 4 years experience with Security Operation Centers tooling and processes 

• Relevant bachelors degree or industry recognized qualifications (CISSP GIAC SIEM Vendor Qualification etc) 

• Ability to read and understand technical design documentation 

• Ability to create technical design documentation

Additional Information :

The Team

Our Professional Services team is critical to our success and mission. As part of this team you enable customer success by providing support to clients post-sale. Our dedication to our customers doesnt stop once they sign it evolves.

As threats and technology evolve we stay in step to accomplish our mission. Youll be involved in implementing new products transitioning from old products to new and fixing integrations and critical issues as they are raised. But you wont wait for them to be raised youll seek them out too. We fix and identify technical problems with a pointed focus of providing the best customer support in the industry.

Our Commitment

Were problem solvers that take risks and challenge cybersecuritys status quo. Its simple: we cant accomplish our mission without diverse teams innovating together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need please contact us at  .

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace and all qualified applicants will receive consideration for employment without regard to age ancestry color family or medical care leave gender identity or expression genetic information marital status medical condition national origin physical or mental disability political affiliation protected veteran status race religion sex (including pregnancy) sexual orientation or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.

Remote Work :

No

Employment Type :

Full-time