SIEM ARCHITECT _ Remote role for USA/Mexico
Job Title: SIEM ARCHITECT
Job Location: US/Mexico Remote
Job Tupe: Contract
Job Duration: Long Term.
We are seeking an experienced Security Architect to lead the design, deployment, and optimization of Palo Alto Cortex XDR across enterprise environments. The role requires deep expertise in SIEM and SOAR Platform, strong exposure to security automation, and hands-on experience integrating with SIEM platforms for centralized monitoring and incident response.
The architect will drive advanced threat detection, automated response use cases, and SOC modernization initiatives while aligning security operations with best practices and zero-trust principles.
Key Responsibilities
XDR Architecture & Strategy
• Design and own the Cortex XDR architecture across endpoints, servers, and cloud workloads
• Define XDR onboarding strategy for endpoints, network, and cloud telemetry
• Establish detection, prevention, and response standards aligned with MITRE ATT&CK
• Lead XDR roadmap, capacity planning, and platform optimization
Cortex XDR Implementation & Operations
• Architect and deploy Palo Alto Cortex XDR:
• Endpoint protection, behavioral analytics, and threat prevention
• Incident correlation and root cause analysis
• Tune detection policies, alert thresholds, and prevention profiles
• Oversee agent deployment, upgrades, and performance optimization
Automation & SOAR
• Design and implement security automation and response workflows
• Integrate Cortex XDR with SOAR platforms (Cortex XSOAR preferred)
• Develop automated playbooks for:
• Alert triage and enrichment
• Containment and remediation (endpoint isolation, user disablement, IOC blocking)
• Leverage APIs, scripting, and integrations to reduce manual SOC effort
SIEM Integration & Monitoring
• Integrate Cortex XDR with SIEM platforms (Splunk, Sentinel, QRadar, etc.)
• Design log ingestion, normalization, and correlation use cases
• Build dashboards and alerts for SOC visibility and executive reporting
• Optimize signal-to-noise ratio across SIEM and XDR platforms
Threat Detection & Incident Response
• Define and validate advanced detection use cases
• Lead threat hunting initiatives using XDR and SIEM telemetry
• Support incident response investigations and post-incident reviews
• Continuously improve detections based on emerging threats
Yogesh kumar
InfiCare Staffing | 22375 Broderick Drive #225 Dulles, VA 20166
Direct: (703) 652-4449 | [email protected]
www.InfiCareHealth.com | www.InfiCareTech.com | linkedin.com/in/yogesh-kumar-48609a318
Staffing services since 2001 | NMSDC MBE Certified | The Joint Commission Certified
Manager Contact Info: Tarender Singh | [email protected] |703-954-1814
Apply tot his job
Apply To this Job
Job Location: US/Mexico Remote
Job Tupe: Contract
Job Duration: Long Term.
We are seeking an experienced Security Architect to lead the design, deployment, and optimization of Palo Alto Cortex XDR across enterprise environments. The role requires deep expertise in SIEM and SOAR Platform, strong exposure to security automation, and hands-on experience integrating with SIEM platforms for centralized monitoring and incident response.
The architect will drive advanced threat detection, automated response use cases, and SOC modernization initiatives while aligning security operations with best practices and zero-trust principles.
Key Responsibilities
XDR Architecture & Strategy
• Design and own the Cortex XDR architecture across endpoints, servers, and cloud workloads
• Define XDR onboarding strategy for endpoints, network, and cloud telemetry
• Establish detection, prevention, and response standards aligned with MITRE ATT&CK
• Lead XDR roadmap, capacity planning, and platform optimization
Cortex XDR Implementation & Operations
• Architect and deploy Palo Alto Cortex XDR:
• Endpoint protection, behavioral analytics, and threat prevention
• Incident correlation and root cause analysis
• Tune detection policies, alert thresholds, and prevention profiles
• Oversee agent deployment, upgrades, and performance optimization
Automation & SOAR
• Design and implement security automation and response workflows
• Integrate Cortex XDR with SOAR platforms (Cortex XSOAR preferred)
• Develop automated playbooks for:
• Alert triage and enrichment
• Containment and remediation (endpoint isolation, user disablement, IOC blocking)
• Leverage APIs, scripting, and integrations to reduce manual SOC effort
SIEM Integration & Monitoring
• Integrate Cortex XDR with SIEM platforms (Splunk, Sentinel, QRadar, etc.)
• Design log ingestion, normalization, and correlation use cases
• Build dashboards and alerts for SOC visibility and executive reporting
• Optimize signal-to-noise ratio across SIEM and XDR platforms
Threat Detection & Incident Response
• Define and validate advanced detection use cases
• Lead threat hunting initiatives using XDR and SIEM telemetry
• Support incident response investigations and post-incident reviews
• Continuously improve detections based on emerging threats
Yogesh kumar
InfiCare Staffing | 22375 Broderick Drive #225 Dulles, VA 20166
Direct: (703) 652-4449 | [email protected]
www.InfiCareHealth.com | www.InfiCareTech.com | linkedin.com/in/yogesh-kumar-48609a318
Staffing services since 2001 | NMSDC MBE Certified | The Joint Commission Certified
Manager Contact Info: Tarender Singh | [email protected] |703-954-1814
Apply tot his job
Apply To this Job