Job Description

Company Description

Our Mission

At Palo Alto Networks everything starts and ends with our mission:


Being the cybersecurity partner of choice, protecting our digital way of life.

Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we're looking for innovators who are as committed to shaping the future of cybersecurity as we are.

Who We Are

Our hybrid teams collaborate across geographies to solve big problems, stay close to our customers, and grow together. You will be part of a culture that values trust, accountability, and shared success where your work truly matters.

Your Career

As a SIEM Engineer for Cortex XSIAM, you will be responsible for assisting with the log migration and detection strategy of our customers. You will work closely with the technical lead to ensure that all of the relevant log sources are onboarded and ingested into XSIAM in accordance with industry best practices and customer requirements. You will then work to determine a suitable detection strategy, helping to protect customers from threats, by designing and implementing correlation rules.

Your Impact

Work with technical lead to develop log ingestion strategy Contribute to detection strategy based on industry best practices Detail step by step process to ingest high quality log sources Perform log source monitoring and optimization Create high quality correlation rules Tune log sources and correlation rules Be an SME for SIEM, Correlation and Log Source Ingestion Recognize opportunities where automation can improve analyst alert handling Collaborate with internal and external teams to ensure product adoption Create technical documentation detailing SIEM aspects of the engagement Travel to customer meetings and workshops as needed (10%)

Qualifications

Your Experience

Strong communication (written and verbal) and presentation skills, both internally and externally Fluent English is a requirement 8+ years of deploying and integrating (SIEM) to enterprise to large enterprise-level Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities using (SIEM) platforms The ability to create and develop correlation and detection rules, within a (SIEM) to support alerting capabilities Experience working with and deploying a variety of SIEM technologies (i.e Splunk, IBM QRadar) A proven ability to offer suggestions on detection strategy based on customer requirements Strong Regular Expression skills Ability to understand logs, locating and understanding 3rd party documentation where needed Familiarity with reports on the status of the SIEM to include metrics on items such as number of logging sources - log collection rate, and other performance metrics Knowledge of Security Analysis & Response a plus, including both endpoint, network & cloud based environments 4 years experience with Security Operation Centers tooling and processes Relevant bachelor's degree or industry recognized qualifications (CISSP, GIAC, SIEM Vendor Qualification etc) Ability to read and understand technical design documentation Ability to create technical design documentation

Additional Information

The Team

Our Professional Services team is critical to our success and mission. As part of this team, you enable customer success by providing support to clients post-sale. Our dedication to our customers doesn't stop once they sign -- it evolves.



As threats and technology evolve, we stay in step to accomplish our mission. You'll be involved in implementing new products, transitioning from old products to new, and fixing integrations and critical issues as they are raised. But you won't wait for them to be raised, you'll seek them out, too. We fix and identify technical problems with a pointed focus of providing the best customer support in the industry.

Our Commitment

We're problem solvers that take risks and challenge cybersecurity's status quo. It's simple: we can't accomplish our mission without diverse teams innovating, together.


We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.


Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.


All your information will be kept confidential according to EEO guidelines.