AHEAD builds platforms for digital business. By weaving together advances in cloud infrastructure, automation and analytics, and software delivery, we help enterprises deliver on the promise of digital transformation.
At AHEAD, we prioritize creating a culture of belonging, where all perspectives and voices are represented, valued, respected, and heard. We create spaces to empower everyone to speak up, make change, and drive the culture at AHEAD.
We are an equal opportunity employer, and do not discriminate based on an individual’s race, national origin, color, gender, gender identity, gender expression, sexual orientation, religion, age, disability, marital status, or any other protected characteristic under applicable law, whether actual or perceived.

QUALIFICATIONS:

• 5-8 years of dedicated experience in cybersecurity, with a strong practical background in SIEM, SOAR, EDR/XDR, or SOC operations.
• 3-5 years of demonstrated threat intelligence and Incident response experience
• A minimum of 2 years of direct experience implementing and configuring Palo Alto Networks XSIAM or similar advanced SecOps platforms.
• Demonstrated expertise in at least one of the following:
• o SIEM administration, including log collection, parsing, and normalization (XDM).
• o SOAR development, including creating playbooks and leveraging scripting (Python preferred).
• o EDR/XDR deployment and management, particularly with Cortex and CrowdStrike
• Proficiency with XQL for data analysis and rule creation.
• Solid understanding of network security concepts, cloud environments (AWS, Azure, GCP), and identity management.
• Strong analytical and troubleshooting capabilities.
• Effective communication skills, with the ability to engage with clients and team members.
• Palo Alto Networks certifications (e.g., PCNSE) or other relevant industry certifications are a plus.

• Take a hands-on role in the end-to-end delivery of Palo Alto Networks XSIAM solutions, including deployment, configuration, and customization to meet specific client requirements.
• Develop and implement custom XSIAM content, such as tailored correlation rules, data models for unique log sources, and automation playbooks that streamline client SOC workflows.
• Integrate a variety of data sources into XSIAM, ensuring comprehensive visibility across endpoint, network, cloud, and identity layers.
• Configure and fine-tune XSIAM functionalities, including TIM for threat intelligence enrichment and ASM for external visibility.
• Collaborate with clients to optimize their XSIAM deployment, provide guidance on alert tuning, and assist in operationalizing the platform.
• Act as a technical resource for troubleshooting and resolving complex XSIAM-related issues during and post-implementation.
• Contribute to project documentation, ensuring clarity and completeness of Solution Designs and As-Built configurations.
• Mentor junior AHEAD consultants, sharing your XSIAM knowledge and fostering their technical development.