Security Architect

Remote • Posted 5 hours ago • Updated 5 hours ago
Contract W2
12 Months
No Travel Required
Remote
Depends on Experience
Fitment

Dice Job Match Score™

🛠️ Calibrating flux capacitors...

Job Details

Skills

  • Security Architect

Summary

Security Architect – Consultant (SIEM Engineer) 
100% Remote (Columbia, SC)
12 Months


Key Responsibilities

  • Design, deploy, configure, administer, optimize, and troubleshoot Palo Alto Cortex XSIAM and Cortex XDR platforms.
  • Engineer and support enterprise SIEM and XDR capabilities within large-scale, multi-tenant security environments.
  • Support agency onboarding, tenant-specific configuration, role-based access control, data segregation, dashboards, and reporting.
  • Develop, test, tune, and maintain detections, correlation rules, analytics, threat-hunting queries, watchlists, and alert suppression logic.
  • Reduce false positives while improving detection coverage, accuracy, and operational effectiveness.
  • Create, manage, and optimize complex automated response workflows and security playbooks.
  • Develop automation and integrations using Python, Bash, APIs, and other scripting technologies.
  • Design and administer Cribl data models and security log pipelines.
  • Perform log parsing, normalization, enrichment, filtering, routing, replay, transformation, and ingestion.
  • Onboard and troubleshoot telemetry from cloud platforms, endpoints, networks, identity systems, SaaS applications, Linux, Windows, and custom applications.
  • Monitor ingestion health, platform availability, alert volumes, false positives, detection coverage, service levels, and tenant-specific operational metrics.
  • Optimize log volumes, retention, platform performance, and data-ingestion costs while maintaining security and compliance requirements.
  • Integrate SIEM and XDR platforms with ticketing, case-management, notification, identity, threat-intelligence, and enterprise systems.
  • Develop automated workflows for enrichment, triage, containment, escalation, notification, case management, and incident response.
  • Support Tier 1 through Tier 3 SOC analysts through platform troubleshooting, detection tuning, threat hunting, technical escalation, knowledge transfer, and shift handoffs.
  • Create and maintain runbooks, standard operating procedures, escalation matrices, troubleshooting guides, architecture diagrams, data-flow documentation, use-case catalogs, and analyst knowledge articles.
  • Ensure high availability, resiliency, backup, recovery, lifecycle management, and controlled change processes for SIEM, XDR, and supporting log pipeline services.
  • Collaborate with security architects, engineers, analysts, and agency stakeholders to align solutions with business requirements, regulatory standards, cybersecurity frameworks, and organizational risk tolerance.
  • Participate in a monthly on-call rotation supporting a 24x7 SOC and provide after-hours maintenance or incident support as required.

Required Skills

  • Bachelor''s degree in Information Technology, Information Security, Cybersecurity, Computer Science, or a related field.
  • Eight or more years of relevant professional experience may be substituted in place of the degree requirement.
  • Five or more years of experience supporting large IT environments and/or enterprise system deployments.
  • Hands-on experience with Palo Alto Cortex XSIAM and Cortex XDR design, implementation, administration, configuration, optimization, troubleshooting, and operational support.
  • Experience engineering and supporting SIEM capabilities in large-scale, multi-tenant environments.
  • Experience supporting 24x7 Security Operations Center operations.
  • Experience developing and tuning detections, correlation rules, analytics, threat-hunting queries, dashboards, reporting, watchlists, and alert suppression logic.
  • Strong experience creating, maintaining, and managing complex security playbooks.
  • Hands-on experience with Cribl data modeling and security log pipeline design.
  • Experience with log parsing, normalization, enrichment, filtering, routing, replay, and ingestion.
  • Experience developing automation, integrations, response workflows, and playbooks using Python and Bash.
  • Experience onboarding, integrating, and troubleshooting telemetry from cloud, endpoint, network, identity, SaaS, Linux, Windows, and custom application sources.
  • Strong understanding of enterprise security architecture, incident response, networking, access control, secure system design, and cybersecurity frameworks.
  • Ability to support strategic planning, solution design, implementation, troubleshooting, performance optimization, and continuous security improvement.
  • Strong technical documentation, troubleshooting, communication, and cross-functional collaboration skills.

Preferred Skills

  • Hands-on experience operating Cortex XSIAM and Cortex XDR in a large, multi-tenant enterprise environment.
  • Hands-on Cribl administration, data modeling, pipeline development, and log pipeline optimization experience.
  • Experience supporting Tier 1, Tier 2, and Tier 3 SOC analysts.
  • Experience with threat hunting, incident response, operational escalation, and 24x7 shift handoffs.
  • Experience developing security playbooks, runbooks, procedures, escalation matrices, and technical documentation.
  • Familiarity with industry-standard security and compliance frameworks.
  • CISSP, CompTIA Security+, GIAC, or a comparable security certification.
  • Palo Alto Cortex, Cribl, SIEM, XDR, or another relevant security-platform certification.
  • Previous experience supporting government, regulated, or large enterprise security environments.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 90979286
  • Position Id: 9026129
  • Posted 5 hours ago
Contact the job poster
NP

Nilesh Pandya

Recruiter @ InterSources Inc.
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Remote

Today

Easy Apply

Contract

Depends on Experience

Remote or South Carolina

Today

Easy Apply

Contract

Remote

Today

Easy Apply

Contract

Depends on Experience

Remote

Today

Easy Apply

Contract

$80 - $110

Search all similar jobs