
Senior Security Operations Platform Engineer

Jobs via Dice

Eastchester · On-site Full-time Senior 6d ago

About the role

Qualifications

  • Lead SOC process transformation including triage, escalation, SLAs, and workflow optimization aligned with XSIAM
  • Design and implement incident response playbooks, automation, and SOC workflows
  • Define KPIs, dashboards, and metrics to improve SOC visibility and performance
  • Lead end-to-end SIEM/SOAR migration from QRadar and CP4S to XSIAM
  • Translate and rebuild SOAR playbooks and runbooks into XSIAM automations
  • Ensure SIEM normalization, log onboarding, field mapping, and data integrity
  • Develop detection rules using XQL and MITRE ATT&CK framework for gap analysis and coverage improvement
  • Implement telemetry ingestion across cloud, endpoint, network, and identity systems
  • Build integrations and automation using Python, JavaScript, or similar scripting languages
  • Design and manage logging/data pipelines using tools such as Syslog-ng, Kafka, or Cribl
  • Perform threat hunting, incident response, root cause analysis, and alert tuning to reduce false positives
  • Advise on modern SOC architecture including UEBA, threat intelligence, and attack surface management
  • Recommend SOC operating models, tiering structures, and automation-first strategies

Skills

CP4S, Cribl, Identity systems, JavaScript, Kafka, MITRE ATT&CK, Python, QRadar, Syslog-ng, UEBA, XQL, XSIAM
