Job Description
Title: Cortex XSIAM Engineer
Location: Dallas TX – onsite
Duration: Full Time
Experience / Qualifications – Cortex XSIAM
· Exceptional written and verbal communication and presentation skills, with the ability to articulate complex technical concepts to both technical and non-technical stakeholders.
· 6+ years of hands-on experience deploying and managing SIEM and SOAR solutions in large-scale enterprise environments, including direct experience with Palo Alto Networks Cortex XSIAM.
· Proven expertise in onboarding log sources and integrating them into Cortex XSIAM using Broker VMs, XDR Collectors, and custom ingestion methods.
· Proficient in developing and managing XSIAM Data Models, including field mapping, enrichment, normalization, and schema standardization across multiple data sources.
· Strong experience crafting and optimizing detection logic using XQL (XSIAM Query Language) to build high-fidelity correlation rules, dashboards, and proactive threat hunting queries.
· Solid understanding of Palo Alto XDR endpoint integration, sensor health monitoring, and policy tuning for enhanced endpoint visibility.
· Experienced in event collection strategy, log onboarding, log tuning, and normalization to ensure high-quality and actionable data within the XSIAM platform.
· Demonstrated ability to translate security monitoring requirements into use cases and actionable detection content, aligned with MITRE ATT&CK and industry best practices.
· Familiarity with broader SIEM technologies (e.g., Splunk, IBM QRadar) and how they compare/contrast with Cortex XSIAM architecture and capabilities.
· Strong grasp of security operations workflows, alert triage, threat detection, incident response, and automation within XSIAM.
· Hands-on experience creating and managing security dashboards and visualizations to provide meaningful insights for SOC teams and leadership.
· Expertise in Regular Expressions (Regex), JSON parsing, and log analysis to derive context-rich detection strategies.
· Working knowledge of generating performance and health reports across log source status, ingestion rates, data pipeline performance, and detection coverage.
· Relevant certifications (e.g., Palo Alto Networks Certified XSIAM Engineer or XSIAM Analyst or XSIAM EDU-270). Bachelor’s degree in Computer Science, Information Security, or related field is a plus.
Do
1. Design and develop enterprise cyber security strategy and architecture
a. Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses
b. Identify risks associated with business processes, operations, information security programs and technology projects
c. Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge
d. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
e. Provide product best-fit analysis to ensure end-to-end security covering different facets of architecture, e.g. layered security, zoning, integration aspects, API, endpoint security, data security, compliance and regulations
f. Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc.
g. Provide support during technical deployment, configuration, integration and administration of security technologies
h. Demonstrate experience around ITIL or key process-oriented domains like incident management, configuration management, change management, problem management, etc.
i. Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity
j. Provide solutions for RFPs received from clients and ensure overall design assurance
i. Develop a direction to manage the portfolio of to-be-solutions including systems, shared infrastructure services, applications, hardware related to cyber risk security in order to better match business outcome objectives
ii. Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture
iii. Depending on the client's need for particular standards and technology stacks, create complete RFPs
iv. Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology
v. Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions
vi. Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps
vii. Evaluate and recommend solutions to integrate with overall technology ecosystem
viii. Track industry and application trends and relate these to planning current and future IT needs
2. Stakeholder coordination & audit assistance
a. Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations
b. Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security
c. Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements
d. Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers
e. Provide training to employees on issues such as spam and unwanted or malicious emails
Deliver
| No | Performance Parameter | Measure |
| 1 | Customer centricity | Timely security breach solutioning to end users, Internal stakeholders & external customers experience, CSAT, educating and suggesting right control to the customers. |
| 2 | Support sales team to create wins | % of proposals with Quality Index >7, timely support of the proposals, identifying opportunities/ leads to sell services within/ outside account (lead generation), no. of proposals led |
Experience: 8-10 Years.
The expected compensation for this role ranges from $80,000 to $158,000.
Final compensation will depend on various factors, including your geographical location, minimum wage obligations, skills, and relevant experience. Based on the position, the role is also eligible for Wipro's standard benefits including a full range of medical and dental benefits options, disability insurance, paid time off (inclusive of sick leave), other paid and unpaid leave options.
Applicants are advised that employment in some roles may be conditioned on successful completion of a post-offer drug screening, subject to applicable state law.
Wipro provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. Applications from veterans and people with disabilities are explicitly welcome.
Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention.