Responsibilities: • Design, build, and maintain XSOAR/XSIAM automation and response playbooks aligned to CTR use cases. • Develop and tune AI-assisted detection logic to improve alert fidelity ...
Senior DSPM Engineer - Cybersecurity / Information Security
Phoenix, AZ · On-site
$105K - $143K/yr
Deploy, configure, and operate Palo Alto Networks Cortex (Cortex XSIAM, Cortex XDR, and Cortex Cloud) end-to-end: connectors, data ingestion, parsers, content packs, correlation rules, and dashboards.
Senior DSPM Engineer - Cybersecurity / Information Security
Phoenix, AZ · On-site
$103K - $140K/yr
Deploy, configure, and operate Palo Alto Networks Cortex (Cortex XSIAM, Cortex XDR, and Cortex Cloud) end-to-end: connectors, data ingestion, parsers, content packs, correlation rules, and dashboards.
Analyst
Cleveland, OH · On-site
$100K - $120K/yr
Hands-on experience with Palo Alto XSOAR and/or XSIAM, including playbook development, integrations, and automation. * Strong understanding of SOC operations, detection engineering, and incident ...
Security Architect
$66.50 - $86/hr
... XSIAM • Continuously improve detection pipelines and threat intelligence integration Qualifications: Required: • Bachelor's degree in Information Technology, Information Security, or related ...
... Alto Cortex XSIAM/XDR platform. Knowledge of Linux network administration and network design. Experience in administration of firewalls, VPN technology, Active Directory, Intrusion Detection ...
Lead technical evaluation of Palo Alto Cortex XSIAM, including POC design, capability assessment, and transition planning Endpoint Security & Hardening * Own endpoint security posture across ~1,400 ...
Security Engineer
Chicago, IL · Hybrid
Partner to integrate IAM with the rest of the security stack so that XSIAM, CASB, DLP, and EDR/XDR all see consistent identity signal. * Run technical access reviews and tighten entitlement design ...
Principal Consultant - SIEM | Remote, USA
Leawood, KS · Remote
$134K - $184K/yr
Lead SIEM platform design, deployment, migration, and optimization efforts across Google SecOps, Microsoft Sentinel, CrowdStrike NGSIEM, and Palo Alto XSIAM. Assist with development of SIEM and SOC ...
Principal Consultant - SIEM | Remote, USA
Dallas, TX · Remote
$134K - $184K/yr
Lead SIEM platform design, deployment, migration, and optimization efforts across Google SecOps, Microsoft Sentinel, CrowdStrike NGSIEM, and Palo Alto XSIAM. Assist with development of SIEM and SOC ...
Principal Consultant - SIEM | Remote, USA
Arlington, VA · Remote
$134K - $184K/yr
Lead SIEM platform design, deployment, migration, and optimization efforts across Google SecOps, Microsoft Sentinel, CrowdStrike NGSIEM, and Palo Alto XSIAM. Assist with development of SIEM and SOC ...
Principal Consultant - SIEM | Remote, USA
Denver, CO · Remote
$134K - $184K/yr
Lead SIEM platform design, deployment, migration, and optimization efforts across Google SecOps, Microsoft Sentinel, CrowdStrike NGSIEM, and Palo Alto XSIAM. Assist with development of SIEM and SOC ...
Security Engineer
Chicago, IL · On-site
$78K - $119K/yr
Partner to integrate IAM with the rest of the security stack so that XSIAM, CASB, DLP, and EDR/XDR all see consistent identity signal. * Run technical access reviews and tighten entitlement design ...
Principal Consultant - SIEM | Remote, USA
Denver, CO · On-site +1
$134K - $184K/yr
... XSIAM . Acts as an industry leader and champion of technical excellence in Security Information and Event Management (SIEM), delivering exceptional services and support to strategic clients and ...
Principal Consultant - SIEM | Remote, USA
Jacksonville, FL · Remote
$134K - $184K/yr
Lead SIEM platform design, deployment, migration, and optimization efforts across Google SecOps, Microsoft Sentinel, CrowdStrike NGSIEM, and Palo Alto XSIAM. Assist with development of SIEM and SOC ...
Principal Consultant - SIEM | Remote, USA
Bozeman, MT · Remote
$134K - $184K/yr
Lead SIEM platform design, deployment, migration, and optimization efforts across Google SecOps, Microsoft Sentinel, CrowdStrike NGSIEM, and Palo Alto XSIAM. Assist with development of SIEM and SOC ...
Principal Consultant - SIEM | Remote, USA
Austin, TX · Remote
$134K - $184K/yr
Lead SIEM platform design, deployment, migration, and optimization efforts across Google SecOps, Microsoft Sentinel, CrowdStrike NGSIEM, and Palo Alto XSIAM. Assist with development of SIEM and SOC ...
Security Architect Consultant
Columbia, SC · Remote
$60.25 - $77.75/hr
Experience with the Palo Alto Cortex XSIAM platform * Deep understanding of Windows/Linux artifacts * Resource is local to Columbia, South Carolina or a surrounding city in South Carolina

Job description
ICONMA is an IT Services and Consultant company seeking a Cyber Threat Response Analyst for their remote location. The role involves designing and maintaining automation playbooks, developing detection logic, and supporting incident response activities to enhance operational efficiency.
Responsibilities:
• Design, build, and maintain XSOAR/XSIAM automation and response playbooks aligned to CTR use cases.
• Develop and tune AI-assisted detection logic to improve alert fidelity, reduce false positives, and expand coverage.
• Assist in the automation of BAU CTR processes including alert triage, enrichment, containment, and response actions to reduce analyst workload.
• Partner with CTR analysts and engineering teams to identify operational gaps and translate them into automation and detection use cases.
• Test, validate, and document playbooks and detections prior to production deployment.
• Support incident response activities through automation and post-incident improvement of detections and playbooks.
• Provide documentation and knowledge transfer to internal staff to ensure sustainability after the engagement.
Qualifications:
Required:
• Palo Alto – XSIAM, XSOAR
• Hands-on experience with Palo Alto XSOAR and/or XSIAM, including playbook development, integrations, and automation.
• Strong understanding of SOC operations, detection engineering, and incident response workflows.
• Working knowledge of MITRE ATT&CK and modern adversary techniques.
• Senior-level experience preferred to minimize ramp-up time.
• Years of Experience: 14.00
Company:
ICONMA: Your Partner in Global Staffing Solutions and Digital Transformation
ICONMA is a globally recognized, Woman-Owned staff augmentation and technology consulting firm. Founded in 2000, the company is headquartered in Troy, MI, US, with a team of 1001-5000 employees. The company is currently Late Stage.
About ICONMA
Sourced by ZipRecruiter
ICONMA is an established and stable organization building lasting relationships with clients and consultants. We are unique in our ability to provide a full spectrum of Staffing Services and Solutions including: Staff Augmentation (Contract, Contract-to-Hire, Direct Hire), Bulk Buy Staff Augmentation, Offshore Staff Augmentation, Payroll Services and Consulting (Project Delivery, SOW). At ICONMA, our goal is to become a one-stop destination for our customers' staffing and outsourcing needs. Our vision is to be a preeminent provider of innovative business solutions, leveraging key technologies to improve our customers' competitiveness, growth, and profitability. ICONMA focuses on a culture that fosters collaboration and teamwork. We recognize that employees are the foundation of any company, and we encourage our employees to be leaders while providing continuous training and growth opportunities. ICONMA encourages hard work, determination and dedication in a professional environment. ICONMA promotes a healthy work-life balance, and understands this is a key component of our employees' and company's success.
Industry
Recruiting and staffing services
Company size
1,001 - 5,000 Employees
Headquarters location
Troy, MI, US
Year founded
2000