SIEM Engineer - Contract - Remote (Onsite in SC if required)

 Posted 3 hours ago
     
10+ years experience
Apply Now

Please mention DailyRemote when applying

AI Summary

Design, implement, and optimize Palo Alto Cortex XSIAM and XDR platforms within a large-scale multi-tenant environment. Manage Cribl data pipelines and develop automated response workflows using Python and Bash to support SOC operations.

Job Title: SIEM Engineer
Location: 100% Remote. Preference will be given to local candidates who can come to the office as needed for client and departmental meetings, trainings, and other onsite activities.

Interview Process: 1-2 Rounds of Virtual Interviews. In person availability for interviews preferred.
Duration: 12 Months
Employment Type:
Contract
Experience Required:
10+ Years

Candidate location: No South Carolina residency required. Open to nationwide candidates. All travel-related costs for onsite work will be the responsibility of the resource no matter the frequency of onsite work.

Project Scope:

We are seeking an experienced Security Architect Consultant – SIEM Engineer to support the Department of Administration's Division of Information Security. This role is focused on the design, implementation, administration, optimization, and operational support of Palo Alto Cortex XSIAM and Cortex XDR in a large-scale, multi-tenant enterprise security environment.

The successful candidate will work alongside enterprise security architects, engineers, and a 24x7 Security Operations Center (SOC) team to enhance SIEM, XDR, detection engineering, automation, incident response, and security monitoring capabilities across multiple state agencies. This role also provides secondary support for Cribl data pipelines, log management, and telemetry onboarding.

 

Key Responsibilities:

·        Design, implement, configure, and maintain Palo Alto Cortex XSIAM and Cortex XDR platforms.

·        Support multi-tenant SIEM environments, including tenant onboarding, role-based access, data segregation, dashboards, and reporting.

·        Develop and optimize: Detection rules, Correlation rules, Analytics, Threat hunting queries, Watchlists, Alert suppression logic

·        Design and manage Cribl log pipelines, including: Data modeling, Parsing, Normalization, Enrichment, Routing, Filtering, Replay, Log ingestion

·        Integrate telemetry from cloud, endpoint, network, identity, SaaS, Linux, Windows, and custom applications.

·        Develop and maintain automated playbooks and response workflows using Python and Bash.

·        Support incident response, threat hunting, and SOC operations.

·        Create and maintain: Runbooks, SOPs, Architecture diagrams, Data flow documentation, Knowledge articles

·        Support Tier 1–Tier 3 SOC analysts through troubleshooting, tuning, and knowledge transfer.

·        Monitor SIEM health, ingestion, availability, detection coverage, false positives, MTTD, MTTR, and operational metrics.

·        Ensure platform resilience, backup, recovery, lifecycle management, and change control.

·        Collaborate with security architects, engineers, analysts, and business stakeholders to improve enterprise security capabilities.

 

Required Skills & Experience:

  • Hands-on experience with Palo Alto Cortex XSIAM and Cortex XDR architecture, implementation, administration, and operational support.
  • Experience supporting enterprise SIEM platforms within large multi-tenant environments.
  • Experience supporting 24x7 Security Operations Centers (SOC).
  • Strong detection engineering experience including:
    • Correlation rules
    • Threat hunting
    • Analytics
    • Dashboards
    • Alert tuning
    • False-positive reduction
  • Hands-on Cribl administration including:
    • Data modeling
    • Log pipeline design
    • Parsing
    • Normalization
    • Enrichment
    • Routing
    • Ingestion
  • Experience developing automation using:
    • Python
    • Bash
  • Experience onboarding cloud, endpoint, network, identity, SaaS, Windows, Linux, and custom application telemetry.
  • Strong knowledge of:
    • Enterprise security architecture
    • Incident response
    • Secure system design
    • Networking
    • Identity & Access Management
    • Cybersecurity frameworks

 

Preferred Skills:

·        Excellent written and verbal communication skills.

·        Strong ability to create: Business Requirements Documents (BRD), Functional Requirements Documents (FRD), Use Cases, Process Documentation

·        Experience gathering requirements through stakeholder interviews, policy documents, regulations, and business rules analysis.

·        Knowledge of business modeling techniques and graphical process flow tools.

·        Ability to communicate effectively with: Executive management, Business users, Project managers, Technical teams, External stakeholders

Education
Bachelor's degree in Information Technology, Information Security, Computer Science, or related field.

Eight (8) years of relevant experience may be substituted for the degree requirement.

Minimum five (5) years supporting large enterprise IT environments or system deployments.

 

Preferred Certifications

  • CISSP
  • Security+
  • GIAC
  • Palo Alto Cortex Certification
  • Cribl Certification
  • Other relevant SIEM or cybersecurity certifications


Similar Jobs

See all Remote Software Development jobs →

Personalize your Remote Job Search in 3 Easy Steps!

Discover remote opportunities in Software Development

Answer easy questions

Answer easy questions

200,000+ jobs across 15+ categories

Get your best job matches

Get your best job matches

Only hand-screened, legit jobs

Find a remote job faster

Find a remote job faster

No ads, scams, or junk

I was the first applicant for a remote marketing position that got listed on the company website the same day I applied. Had an interview within 48 hours!

Sarah J. — Sarah J. · Marketing Manager ★★★★★ Verified