Piper Companies is seeking a Remote SIEM Engineer (Cortex XSIAM) to join a premier cyber security organization. The SIEM Engineer will work with clients to determine a suitable detection strategy, helping to protect customers from threats, by designing and implementing correlation rules.

QUALIFICATIONS FOR THE SIEM ENGINEER INCLUDE:

• 6+ years of deploying and integrating (SIEM) to enterprise to large enterprise-level
• SIEM Experience with Cortex, Splunk, or Qradar
• Automation experience with Python or XSOAR
• Endpoint experience with Crowdstrike
• Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities using (SIEM) platforms
• The ability to create and develop correlation and detection rules, within a (SIEM) to support alerting capabilities
• Ability to understand logs, locating and understanding 3rd party documentation where needed
• Familiarity with reports on the status of the SIEM to include metrics on items such as number of logging sources - log collection rate, and other performance metrics
• Knowledge of Security Analysis & Response a plus, including both endpoint, network & cloud-based environments
• Experience with Security Operation Centers tooling and processes

• Work with technical lead to develop log ingestion strategy
• Contribute to detection strategy based on industry best practices
• Detail step-by-step process to ingest high-quality log sources
• Perform log source monitoring and optimization
• Create high-quality correlation rules
• Tune log sources and correlation rules
• Be an Subject Matter Expert (SME) for SIEM, Correlation, and Log Source Ingestion
• Recognize opportunities where automation can improve analyst alert handling
• Collaborate with internal and external teams to ensure product adoption
• Create technical documentation detailing SIEM aspects of the engagement
• Travel to customer meetings and workshops as needed (10%)