Tech Lead - XSIAM

• Lead XSIAM deployments and migrations, ensuring seamless onboarding of log sources and alignment with customer-specific requirements and security objectives
• Develop and oversee comprehensive detection strategies, leveraging threat intelligence and industry best practices to strengthen customers’ defenses
• Act as a trusted advisor to executive and SOC leadership, translating security goals into actionable implementation roadmaps
• Drive operational efficiency through automation, reducing mean time to respond (MTTR) and enabling SOC analysts to focus on higher-value investigations
• Facilitate collaboration across internal teams, customer stakeholders, and partners to ensure alignment and adoption of the XSIAM platform
• Provide expert guidance in SIEM architecture, correlation rule design, and performance optimization to maximize value from the platform
• Mentor customer technical teams, transferring knowledge and building long-term operational capability within the organization
• Deliver clear and concise technical documentation, strategic recommendations, and progress reports that support decision-making and program success
• Represent Professional Services as a subject matter expert in XSIAM, SIEM migrations, and SOC modernization initiatives

• Exceptional written and verbal communication and presentation skills, for both internal and external interactions
• 10+ years of experience with Security Operations Centers (SOC) tooling and processes
• 6+ years of hands-on experience in deploying and integrating SIEM solutions and migrating SIEM solutions from different vendors within enterprise to large enterprise-level environments
• Proficiency in coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring using SIEM platforms
• Ability to conceive and develop detection use cases in SIEM systems to enable effective alerting
• Proficiency in implementing and integrating automation solutions to enhance SOC efficiency, thereby minimizing MTTR and optimizing operational effectiveness
• Demonstrated expertise in threat intelligence management, including the ability to analyze and leverage threat intelligence feeds to proactively identify, assess, and mitigate potential security threats within the organization's environment
• Familiarity with a range of Endpoint security solutions such as anti malware, EDR, XDR
• Knowledge of generating reports on SIEM status, including metrics like logging source count, log collection rate, and other performance indicators
• Proven experience in providing consultative services to end customers within the realm of cybersecurity, particularly in SIEM and SOC domains
• Demonstrated ability to comprehend customer requirements, analyze complex security environments, and deliver strategic recommendations or best practices that align with their goals or expected outcomes
• Proficient in comprehending and creating technical design documentation and and or architecture
• Proven track record in effectively leading technical teams, managing resources, and overseeing projects within a dynamic cybersecurity environment, ensuring alignment with strategic objectives, timely delivery of milestones, and efficient utilization of resources
• Skilled in facilitating collaboration among diverse stakeholders, including technical teams, management, and external partners, to drive informed decision-making processes that align with organizational objectives and foster innovation in cybersecurity strategies
• Relevant bachelor's degree or equivalent military experience or industry-recognized qualifications (CISSP, GIAC, SIEM Vendor Qualification, etc.), is a plus

Relevant bachelor's degree or equivalent military experience or industry-recognized qualifications (CISSP, GIAC, SIEM Vendor Qualification, etc.)