Please mention DailyRemote when applying
Job Title: SIEM Engineer
Location: 100%
Remote. Preference will be given to local candidates who can come to the office
as needed for client and departmental meetings, trainings, and other onsite
activities.
Interview Process: 1-2 Rounds of Virtual Interviews. In person
availability for interviews preferred.
Duration: 12 Months
Employment Type: Contract
Experience Required: 10+ Years
Project Scope:
We are seeking an experienced Security
Architect Consultant – SIEM Engineer to support the Department of
Administration's Division of Information Security. This role is focused on the
design, implementation, administration, optimization, and operational support
of Palo Alto Cortex XSIAM and Cortex XDR in a large-scale,
multi-tenant enterprise security environment.
The successful candidate will work alongside
enterprise security architects, engineers, and a 24x7 Security Operations
Center (SOC) team to enhance SIEM, XDR, detection engineering, automation,
incident response, and security monitoring capabilities across multiple state
agencies. This role also provides secondary support for Cribl data
pipelines, log management, and telemetry onboarding.
Key Responsibilities:
· Design,
implement, configure, and maintain Palo Alto Cortex XSIAM and Cortex
XDR platforms.
· Support
multi-tenant SIEM environments, including tenant onboarding, role-based access,
data segregation, dashboards, and reporting.
· Develop and
optimize: Detection rules, Correlation rules, Analytics, Threat hunting queries,
Watchlists, Alert suppression logic
· Design and manage Cribl log pipelines, including: Data modeling, Parsing, Normalization, Enrichment,
Routing, Filtering, Replay, Log ingestion
· Integrate
telemetry from cloud, endpoint, network, identity, SaaS, Linux, Windows, and
custom applications.
· Develop and
maintain automated playbooks and response workflows using Python and Bash.
· Support incident
response, threat hunting, and SOC operations.
· Create and
maintain: Runbooks, SOPs, Architecture diagrams, Data flow documentation, Knowledge
articles
· Support Tier
1–Tier 3 SOC analysts through troubleshooting, tuning, and knowledge transfer.
· Monitor SIEM
health, ingestion, availability, detection coverage, false positives, MTTD,
MTTR, and operational metrics.
· Ensure platform
resilience, backup, recovery, lifecycle management, and change control.
· Collaborate with
security architects, engineers, analysts, and business stakeholders to improve
enterprise security capabilities.
Required Skills & Experience:
Preferred Skills:
· Excellent written
and verbal communication skills.
· Strong ability to
create: Business Requirements Documents (BRD), Functional Requirements
Documents (FRD), Use Cases, Process Documentation
· Experience
gathering requirements through stakeholder interviews, policy documents,
regulations, and business rules analysis.
· Knowledge of
business modeling techniques and graphical process flow tools.
· Ability to
communicate effectively with: Executive management, Business users, Project
managers, Technical teams, External stakeholders
Education
Bachelor's degree in Information Technology, Information Security, Computer
Science, or related field.
Eight
(8) years of relevant experience may be substituted for the degree requirement.
Minimum
five (5) years supporting large enterprise IT environments or system
deployments.
Preferred Certifications
Stop the endless job search. Our AI finds and applies to the best jobs for you.
Discover remote opportunities in Software Development
Answer easy questions
200,000+ jobs across 15+ categories
Get your best job matches
Only hand-screened, legit jobs
Find a remote job faster
No ads, scams, or junk
“ I was the first applicant for a remote marketing position that got listed on the company website the same day I applied. Had an interview within 48 hours!