via LinkedIn
Salary: not specified
Lead migration and transformation of SOC platforms and processes to Palo Alto Cortex XSIAM.
Extensive experience with SOC operations, SIEM/SOAR platform migrations, and security incident response workflows.
As a Senior SOC Consultant, you will serve as a trusted advisor and hands-on practitioner guiding the full lifecycle of our SIEM/SOAR/XDR platform transition. You will work directly with our SOC leadership, engineering teams, and key stakeholders to ensure that the migration is not simply a technology swap, but a genuine uplift in our security operations capability. You will be expected to bring an architect's perspective to SOC design, a practitioner's knowledge of detection and response workflows, and a consultant's discipline in delivering measurable outcomes within a defined engagement timeline.

Platform Migration & Deployment
• Lead the end-to-end migration of SIEM and SOAR capabilities from IBM QRadar and IBM CP4S to Palo Alto Cortex XSIAM.
• Assess and migrate existing data sources, log ingestion pipelines, and parsing logic into the XSIAM environment.
• Translate QRadar correlation rules, offenses, and custom properties into equivalent XSIAM detection logic and XQL queries.
• Migrate and reconstruct CP4S playbooks and SOAR automation workflows within XSIAM's automation engine.
• Ensure data integrity, fidelity of alerts, and continuity of detection coverage throughout the transition period.

SOC Process Transformation
• Conduct a thorough review of current SOC processes, triage workflows, escalation procedures, and SLA structures.
• Re-engineer and calibrate SOC processes to align with XSIAM capabilities, including alert correlation, automated triage, and AI-driven prioritization.
• Design and implement incident response playbooks and automation rules that make use of the native intelligence of the XSIAM platform.
• Define metrics, KPIs, and dashboards within XSIAM to provide SOC leadership with actionable operational visibility.

Modern SOC Architecture & Advisory
• Advise on the architecture of a next-generation SOC, covering people, process, technology, and governance dimensions.
• Identify and close gaps in detection coverage by leveraging XSIAM's unified data model, UEBA, threat intelligence, and attack surface management capabilities.
• Provide recommendations on SOC team structure, analyst tier models, and automation-first response strategies.
• Mentor and upskill internal SOC staff on XSIAM operations, XQL query development, and platform-native automation.
This job posting was last updated on 3/3/2026