Presidio

via ZipRecruiter

Senior Threat Detection Engineer - Advanced Security Solutions

Anywhere
Full-time
Posted 11/21/2025
Key Skills:
SIEM
SOAR
XDR
Security Operations Center (SOC)
Palo Alto Networks Cortex XSIAM/XSOAR
CrowdStrike NG-SIEM
Microsoft Sentinel
KQL
XQL
Python
PowerShell
Security Architecture
Threat Detection
Incident Response Automation

Compensation

Salary Range

$120K - $200K a year

Responsibilities

Design and deliver advanced detection, response, and automation solutions across multiple SIEM platforms, lead high-profile security projects, and mentor junior engineers.

Requirements

5-8 years in senior cybersecurity roles focused on SIEM/SOC, hands-on experience with Palo Alto Cortex XSIAM, CrowdStrike NG-SIEM, or Microsoft Sentinel, strong scripting and troubleshooting skills, and relevant security certifications.

Full Description

Presidio, Where Teamwork and Innovation Shape the Future

At Presidio, we're at the forefront of a global technology revolution, transforming industries through cutting-edge digital solutions and next-generation AI. We empower businesses, and their customers, to achieve more through innovation, automation, and intelligent insights.

The Role

As a Senior Threat Detection Engineer - Advanced Security Solutions within Presidio's Cybersecurity Practice, you will design and deliver advanced detection, response, and automation solutions across Palo Alto Networks Cortex XSIAM, CrowdStrike NG-SIEM, and Microsoft Sentinel for some of the most complex enterprise environments in the world. You'll be a trusted technical leader, helping customers operationalize their security investments, engineering precision detections, and building automation that transforms and modernizes our customers' security operations. This role offers the opportunity to work across leading SecOps platforms, mentor emerging talent, and collaborate with global experts to shape the future of threat detection and response.

Responsibilities Include:
• Lead high-profile delivery engagements that implement technologies such as Cortex XSIAM, CrowdStrike NG-SIEM, and Microsoft Sentinel, from architecture to operational handoff.
• Integrate a wide range of log sources (endpoint, network, cloud, and identity) into each platform to achieve full-stack visibility.
• Refine and optimize correlation rules, detection logic, and parsing configurations specific to each platform's capabilities.
• Create and implement automation playbooks to speed up incident response and optimize Security Operations Center (SOC) workflows.
• Configure advanced platform-specific capabilities, such as:
  • XSIAM: Threat Intelligence Management (TIM), Attack Surface Management (ASM)
  • CrowdStrike NG-SIEM: Falcon Data Replicator integrations, native threat analytics tuning
  • Microsoft Sentinel: KQL-based detections, SOAR playbooks with Logic Apps
• Work collaboratively with global Cyber Engineering team members to ensure consistent service delivery, share best practices, and excel across regions.
• Serve as a multi-platform expert, advising clients on security architecture, platform optimization, and operational best practices.
• Troubleshoot and resolve complex issues during deployment and post-implementation for all supported security operations platforms.
• Produce clear and comprehensive technical documentation, including solution designs, runbooks, and as-built records.
• Guide junior engineers to enhance the team's overall technical skills.

Required Skills and Professional Experience:
• Bachelor's degree in Cybersecurity, Computer Science, or a related field, or equivalent military/industry experience
• 5-8 years in progressively senior cybersecurity roles, with demonstrable expertise in SIEM/SOC transformation projects
• 5-8 years in cybersecurity with a focus on SIEM, SOAR, XDR, or SOC operations across multiple vendor platforms
• Minimum 2 years of hands-on experience with at least two of the following: Palo Alto Networks Cortex XSIAM/XSOAR, CrowdStrike NG-SIEM, Microsoft Sentinel
• 3-5 years of demonstrated security operations experience
• Proven track record delivering complex, multi-platform security projects in enterprise environments
• Expertise in log ingestion, normalization, and correlation for varied data sources
• Proficiency in query languages such as XQL (Cortex), KQL (Sentinel), and Lucene
• Familiarity with API integrations
• Strong communication skills, capable of engaging technical and executive stakeholders alike
• Multi-platform SIEM/XDR administration and optimization
• SOAR playbook creation and optimization
• Scripting language familiarity (Python, PowerShell preferred)
• Strong troubleshooting and root cause analysis skills in complex SOC environments
• Ability to translate security strategy into actionable technical designs
• Advanced security operations certifications, such as GIAC and Microsoft Certified Expert, are highly valued

Preferred Skills and Professional Experience:
• Vendor certifications such as PCNSE, PCDRA (Palo Alto), CrowdStrike CCFR/CCFA, and Microsoft Certified: Security Operations Analyst Associate
• Knowledge of threat intelligence integration and automation across platforms
• Experience with hybrid/multi-cloud deployments (AWS, Azure, GCP)
• Familiarity with emerging threats and adversary tradecraft

Your Future at Presidio

Joining Presidio means stepping into a culture of trailblazers: thinkers, builders, and collaborators who push the boundaries of what's possible. With our expertise in AI-driven analytics, cloud solutions, cybersecurity, and next-gen infrastructure, we enable businesses to stay ahead in an ever-evolving digital world. Here, your impact is real. Whether you're harnessing the power of Generative AI, architecting resilient digital ecosystems, or driving data-driven transformation, you'll be part of a team that is shaping the future. Ready to innovate? Let's redefine what's next, together.

About Presidio

At Presidio, speed and quality meet technology and innovation. Presidio is a trusted ally for organizations across industries with a decades-long history of building traditional IT foundations and deep expertise in AI and automation, security, networking, digital transformation, and cloud computing. Presidio fills gaps, removes hurdles, optimizes costs, and reduces risk. Presidio's expert technical team develops custom applications, provides managed services, enables actionable data insights, and builds forward-thinking solutions that drive strategic outcomes for clients globally. For more information, visit www.presidio.com

Applications will be accepted on a rolling basis.

Presidio is an Equal Opportunity / Affirmative Action Employer / VEVRAA Federal Contractor. All qualified candidates will receive consideration for this position regardless of race, color, creed, religion, national origin, age, sex, citizenship, ethnicity, veteran status, marital status, disability, sexual orientation, gender identification or any other characteristic protected by applicable federal, state, and local statutes, regulations, and ordinances. To read more about discrimination protections under Federal Law, please visit: https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf

If you have any difficulty using our online system and need an accommodation in the job application process due to a disability, please send an email to recruitment@presidio.com for assistance.

Presidio is a VEVRAA Federal Contractor requesting priority referrals of protected veterans for its openings. State Employment Services, please provide priority referrals to recruitment@presidio.com.

Notice to Massachusetts Candidates: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Recruitment Agencies, Please Note: Presidio does not accept unsolicited agency resumes/CVs. Do not forward resumes/CVs to our careers email address, Presidio employees or any other means. Presidio is not responsible for any fees related to unsolicited resumes/CVs.

#LI-PH1

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities. This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.

This job posting was last updated on 11/27/2025
