Piper Companies is seeking a XSOAR Consultant to support log migration and detection strategy efforts for enterprise customers. This remote role will work closely with technical leads to onboard relevant log sources, implement detection strategies, and design high-quality correlation rules to protect against threats. The ideal candidate will be a subject matter expert in SIEM technologies and log ingestion, with strong experience in detection engineering and security operations.

QUALIFICATIONS:

• 6+ years of experience deploying and integrating SIEM solutions in enterprise environments.
• Proven ability to create and develop correlation and detection rules.
• Experience with SIEM platforms such as Splunk, IBM QRadar, and Cortex XSIAM.
• Strong understanding of log formats and third-party documentation.
• Expertise in Regular Expressions and log parsing.
• Familiarity with performance metrics and reporting for SIEM environments.
• Knowledge of security analysis and response across endpoint, network, and cloud environments.
• 4+ years of experience with Security Operations Center (SOC) tooling and processes.
• Bachelor’s degree in a relevant field or industry certifications (CISSP, GIAC, SIEM vendor certifications).
• Ability to read and create technical design documentation.
• Strong communication and presentation skills.
• Fluent in English; additional languages are a plus.

• Collaborate with technical leads to develop and execute log ingestion strategies.
• Contribute to detection strategies based on industry best practices and customer requirements.
• Document step-by-step processes for ingesting high-quality log sources.
• Monitor and optimize log source performance.
• Design and implement high-quality correlation rules.
• Tune log sources and detection rules for accuracy and efficiency.
• Serve as a subject matter expert in SIEM, correlation, and log ingestion.
• Identify opportunities for automation to improve alert handling.
• Work with internal and external teams to ensure successful product adoption.
• Create technical documentation detailing SIEM aspects of engagements.
• Travel to customer meetings and workshops as needed (up to 10%).