Senior Cyber Security Engineer
Wilmington, New Castle County, Delaware, 19894, USA
Listed on 2026-05-16
Category: IT/Tech, Engineering (Cybersecurity, Systems Engineer)
We are seeking a Senior Cyber Security Engineer to play a pivotal role in advancing our detection, response, and automation capabilities across a modern enterprise security stack. In this role, you will serve as a hands‑on technical leader responsible for designing, engineering, and optimizing Cortex XSIAM to deliver high‑fidelity detections, scalable automation, and rapid incident response. You will work with rich telemetry spanning endpoint, network, cloud, and identity data to turn adversary behavior into actionable analytics that measurably reduce risk.
Responsibilities:
- Platform Engineering: Design, deploy, and maintain Cortex XSIAM detections, correlations, and analytics across endpoint, network, cloud, and identity data sources. Build and tune detection logic to reduce noise while improving true-positive rates. Perform ongoing platform optimization, including ingest management, rule tuning, and performance improvements.
- Detection Engineering & Threat Hunting: Develop and maintain custom detections using XQL. Conduct proactive threat hunting and investigations using XSIAM analytics and telemetry. Translate threat intelligence and adversary techniques into actionable detections mapped to MITRE ATT&CK.
- Automation & Response: Design and maintain automated response playbooks to accelerate incident containment and remediation. Integrate XSIAM with enterprise tooling such as identity, EDR, ticketing, cloud, and network security platforms. Drive down MTTR through automation and orchestration.
- Operations & Collaboration: Partner with SOC analysts, incident responders, and engineering teams on investigations and response activities. Support post-go-live enhancements, backlog grooming, and technical debt reduction initiatives. Provide technical guidance and mentorship to engineers and analysts.
Qualifications:
- Minimum of 5 years of experience in Security Operations, Detection Engineering, or SIEM/SOAR engineering.
- Hands‑on experience with Palo Alto Networks Cortex XSIAM (or strong XDR/XSOAR experience with rapid XSIAM ramp‑up).
- Strong working knowledge of SIEM/XDR concepts and log analytics, incident response and threat detection workflows, and automation and orchestration use cases.
- Proficiency with XQL, KQL, SPL, or similar security query languages.
- Experience integrating data from endpoint, network, cloud, and identity platforms.
- Strong scripting experience (Python preferred).
- Experience operating security platforms at enterprise scale.
- Preferred experience with endpoint security, cloud security telemetry, and identity and access logs.
- Familiarity with MITRE ATT&CK and threat intelligence frameworks.
- Experience supporting a 24/7 SOC or global security operations team.
- Bachelor’s degree in computer science, information assurance, MIS or equivalent industry experience.
- Palo Alto Networks Certified XSIAM Engineer or Analyst certification preferred.
- Additional industry certifications are a plus (CEH, CISM, etc.).
Benefits:
- Hybrid or remote work schedules available.
- Comprehensive benefits package that includes annual leave, tuition reimbursement, referral bonuses, and more.
- Employees are eligible for Success Sharing, bonuses, or commission plans based on role and individual performance.
Disclaimer:
The information above describes the general nature and level of work performed by employees in this role. It is not intended to describe all duties, responsibilities, and qualifications.