
SOC Analyst

Apexon

New York · On-site Full-time Senior 3d ago

About the role

Responsibilities

As Senior Security Operations Platform Engineer, you will partner with SOC leadership, engineering, and business stakeholders to ensure that the QRadar/CP4S-to-XSIAM migration is not a tool swap but a measurable uplift in detection, response, and operational maturity.

Key Responsibilities

  • SOC Process Transformation
    • Assess current triage, escalation, SLAs, and operating rhythms.
    • Redesign workflows to align with XSIAM (correlation, automated triage, AI-driven prioritization).
    • Build/implement incident response playbooks and automation rules in XSIAM.
    • Define KPIs, metrics, and dashboards to improve SOC visibility and performance.
  • Platform Migration & Deployment
    • Lead end-to-end migration of SIEM/SOAR capabilities from QRadar/CP4S to XSIAM.
    • Inventory and translate CP4S playbooks/runbooks into XSIAM automations.
    • Establish content lifecycle management for multi-tenancy, tuning, and optimization.
    • Define common workflows (incident/shift management, automation development, knowledge management).
    • Ensure alert fidelity, data integrity, and coverage continuity through cutover.
  • Modern SOC Architecture & Advisory
    • Advise on next-gen SOC design across people, process, technology, and governance.
    • Close detection gaps using XSIAM’s unified data model, UEBA, threat intel, and attack surface management.
    • Recommend SOC structure (tiering), automation-first strategies, and response patterns.
    • Mentor/upskill staff on XSIAM operations, XQL, and platform-native automation.
  • Stakeholder Engagement & Documentation
    • Produce migration plans, technical designs, runbooks, and post-implementation reporting.
    • Provide regular updates on progress, risks, and recommendations to senior leadership.
    • Coordinate with Palo Alto professional services and internal engineering as needed.

Expected Deliverable(s)

  • Log source parsers and data normalization
  • Log pipeline implementation
  • SOC analyst workflows and automations
  • Cybersecurity use-case detections and tuning

Skills

AQL, AWS Lambda, Cribl, CP4S, Cortex XDR, Cortex XSOAR, Docker, JavaScript, Kafka, MITRE ATT&CK, Palo Alto, Python, QRadar, SIEM, Syslog-ng, XQL, XSIAM
