Key skills
CloudCyber SecurityFirewallsLinuxPythonTCP/IPUnixPowerShellAnalyticsLeadershipPresentation Skills
About this role
Role Overview
- Work with customers to articulate business, security operations, and detection requirements and translate those needs into effective SIEM use cases, architectures, and operational models.
- Architect and validate SIEM solutions to ensure the customer’s risk reduction, visibility, and detection engineering objectives are met.
- Lead SIEM platform design, deployment, migration, and optimization efforts across Google SecOps, Microsoft Sentinel, CrowdStrike NG‑SIEM, and Palo Alto XSIAM.
- Assist with development of SIEM and SOC transformation engagement plans that enable customers to execute detection, response, and analytics strategies.
- Rationalize SIEM, logging, and security analytics technologies against business requirements, risk posture, cost constraints, and operational maturity.
- Serve as a recognized expert in SIEM architecture, log onboarding, detection engineering, UEBA, SOAR integration, and SOC operations.
- Lead and mentor other consultants on complex SIEM programs, providing technical direction and quality oversight across engagements.
- Able to present to large technical and executive audiences; speaks as an authority on SIEM strategy and security operations.
- Confidently handles difficult technical and strategic questions, consistently gaining trust and support from client stakeholders.
- Able to adapt and evolve SIEM delivery methodologies based on client maturity, platform capabilities, and operational constraints.
- Maintains broad awareness of the cybersecurity, SOC, and security analytics technology landscape beyond SIEM alone.
- Contributor to industry groups, thought leadership initiatives, whitepapers, or publications related to SIEM, SOC, or security operations.
Requirements
- Bachelor’s degree and approximately 10–15 years of related information security or technology consulting experience.
- Approximately 8–10 years of hands-on security architecture experience with a strong focus on SIEM and security operations platforms.
- Deep expertise in SIEM concepts including log collection and normalization, detection engineering, alerting strategy, content lifecycle management, SOC workflows, and integration with SOAR and EDR platforms.
- Strong practical experience with one or more modern SIEM platforms such as Google SecOps, Microsoft Sentinel, CrowdStrike NG‑SIEM, and Palo Alto XSIAM.
- Strong understanding of adjacent security domains including incident response, threat detection, vulnerability management, data classification, and security governance.
- Understanding of the professional services business and the organizational impact of technical and delivery decisions.
- Solid understanding of networking (TCP/IP, OSI model), operating systems (Windows, Linux/UNIX), cloud platforms, and modern security technologies (EDR, NDR, firewalls, IDS/IPS).
- Familiarity with scripting and automation languages commonly used in SIEM environments (e.g., KQL, Python, PowerShell, YAML).
- Strong understanding of regulatory and compliance requirements impacting security monitoring and log retention, including PCI DSS, GLBA, GDPR, and U.S. state privacy laws.
- Proven experience integrating SIEM platforms into complex enterprise and cloud environments, including log pipelines, APIs, and security tooling ecosystems.
- Willingness to travel to meet client needs.
- Valid driver’s license in the U.S. and a valid passport required.
- The successful candidate must hold or be willing to pursue relevant certifications such as CISSP, CISM, CISA, or SIEM‑specific platform certifications.
- Strong interpersonal, leadership, and client‑facing skills.
- Strong written and presentation skills with the ability to clearly communicate complex SIEM and SOC concepts to technical and executive audiences.
- Possess a high standard of integrity and confidentiality.
Tech Stack
- Cloud
- Cyber Security
- Firewalls
- Linux
- Python
- TCP/IP
- Unix
Benefits
- Professional training resources
- Work/life balance
- Volunteer Opportunities
- The ability and technology necessary to productively work remotely/from home (where applicable)