SIEM Engineer @SUNSHINE ENTERPRISE USA LLC
Information Technology
Salary unspecified
Remote Location
πŸ‡ΊπŸ‡Έ USA Only
Employment Type contract
Posted YDay

[Hiring] SIEM Engineer @SUNSHINE ENTERPRISE USA LLC

YDay - SUNSHINE ENTERPRISE USA LLC is hiring a remote SIEM Engineer. πŸ’Έ Salary: unspecified πŸ“Location: USA

Role Description

We are seeking an experienced Security Architect Consultant – SIEM Engineer to support the Department of Administration's Division of Information Security. This role is focused on the design, implementation, administration, optimization, and operational support of Palo Alto Cortex XSIAM and Cortex XDR in a large-scale, multi-tenant enterprise security environment.

The successful candidate will work alongside enterprise security architects, engineers, and a 24x7 Security Operations Center (SOC) team to enhance SIEM, XDR, detection engineering, automation, incident response, and security monitoring capabilities across multiple state agencies. This role also provides secondary support for Cribl data pipelines, log management, and telemetry onboarding.

Key Responsibilities

  • Design, implement, configure, and maintain Palo Alto Cortex XSIAM and Cortex XDR platforms.
  • Support multi-tenant SIEM environments, including tenant onboarding, role-based access, data segregation, dashboards, and reporting.
  • Develop and optimize:
    • Detection rules
    • Correlation rules
    • Analytics
    • Threat hunting queries
    • Watchlists
    • Alert suppression logic
  • Design and manage Cribl log pipelines, including:
    • Data modeling
    • Parsing
    • Normalization
    • Enrichment
    • Routing
    • Filtering
    • Replay
    • Log ingestion
  • Integrate telemetry from cloud, endpoint, network, identity, SaaS, Linux, Windows, and custom applications.
  • Develop and maintain automated playbooks and response workflows using Python and Bash.
  • Support incident response, threat hunting, and SOC operations.
  • Create and maintain:
    • Runbooks
    • SOPs
    • Architecture diagrams
    • Data flow documentation
    • Knowledge articles
  • Support Tier 1–Tier 3 SOC analysts through troubleshooting, tuning, and knowledge transfer.
  • Monitor SIEM health, ingestion, availability, detection coverage, false positives, MTTD, MTTR, and operational metrics.
  • Ensure platform resilience, backup, recovery, lifecycle management, and change control.
  • Collaborate with security architects, engineers, analysts, and business stakeholders to improve enterprise security capabilities.

Qualifications

  • Hands-on experience with Palo Alto Cortex XSIAM and Cortex XDR architecture, implementation, administration, and operational support.
  • Experience supporting enterprise SIEM platforms within large multi-tenant environments.
  • Experience supporting 24x7 Security Operations Centers (SOC).
  • Strong detection engineering experience including:
    • Correlation rules
    • Threat hunting
    • Analytics
    • Dashboards
    • Alert tuning
    • False-positive reduction
  • Hands-on Cribl administration including:
    • Data modeling
    • Log pipeline design
    • Parsing
    • Normalization
    • Enrichment
    • Routing
    • Ingestion
  • Experience developing automation using:
    • Python
    • Bash
  • Experience onboarding cloud, endpoint, network, identity, SaaS, Windows, Linux, and custom application telemetry.
  • Strong knowledge of:
    • Enterprise security architecture
    • Incident response
    • Secure system design
    • Networking
    • Identity & Access Management
    • Cybersecurity frameworks

Preferred Skills

  • Excellent written and verbal communication skills.
  • Strong ability to create:
    • Business Requirements Documents (BRD)
    • Functional Requirements Documents (FRD)
    • Use Cases
    • Process Documentation
  • Experience gathering requirements through stakeholder interviews, policy documents, regulations, and business rules analysis.
  • Knowledge of business modeling techniques and graphical process flow tools.
  • Ability to communicate effectively with:
    • Executive management
    • Business users
    • Project managers
    • Technical teams
    • External stakeholders

Education

  • Bachelor's degree in Information Technology, Information Security, Computer Science, or related field.
  • Eight (8) years of relevant experience may be substituted for the degree requirement.
  • Minimum five (5) years supporting large enterprise IT environments or system deployments.

Preferred Certifications

  • CISSP
  • Security+
  • GIAC
  • Palo Alto Cortex Certification
  • Cribl Certification
  • Other relevant SIEM or cybersecurity certifications
Before You Apply
️
πŸ‡ΊπŸ‡Έ Be aware of the location restriction for this remote position: USA Only
β€Ό Beware of scams! When applying for jobs, you should NEVER have to pay anything. Learn more.
SIEM Engineer @SUNSHINE ENTERPRISE USA LLC
Information Technology
Salary unspecified
Remote Location
πŸ‡ΊπŸ‡Έ USA Only
Employment Type contract
Posted YDay
Apply for this position
Did not apply βœ“
Applied βœ“
Sent Follow-Up βœ“
Interview Scheduled βœ“
Interview Completed βœ“
Offer Accepted βœ“
Offer Declined βœ“
Application Denied βœ“
Unlock 135,000+ Remote Jobs
️
πŸ‡ΊπŸ‡Έ Be aware of the location restriction for this remote position: USA Only
β€Ό Beware of scams! When applying for jobs, you should NEVER have to pay anything. Learn more.
Apply for this position
Did not apply βœ“
Applied βœ“
Sent Follow-Up βœ“
Interview Scheduled βœ“
Interview Completed βœ“
Offer Accepted βœ“
Offer Declined βœ“
Application Denied βœ“
Unlock 135,000+ Remote Jobs
Γ—

Apply to the best remote jobs
before everyone else

Access 135,000+ vetted remote jobs and get daily alerts.

4.9 β˜…β˜…β˜…β˜…β˜… from 500+ reviews
Unlock All Jobs Now

Maybe later