Next-Gen SIEM/XDR Architect

View full description

Requirements:

• Extensive experience in developing and integrating SIEM and XDR systems.
• Hands-on knowledge of products including IBM QRadar, Splunk, Microsoft Sentinel, Palo Alto Cortex XSOAR/XSIAM, Crowdstrike Falcon.
• Experience with ECS, CIM, OCSF, Sigma, STIX/TAXII formats in security operations.
• Strong background in threat intelligence, detection engineering, and cybersecurity analytics.
• Proficiency in Python programming and experience with AWS cloud platform.
• Proven track record of collaboration with security operations centers and incident response processes.
• Familiarity with machine learning and AI techniques in cybersecurity.
• Willingness to work with clients.

Responsibilities:

• Lead the integration of AI security agents with existing SIEM, SOAR, and XDR systems and data platforms.
• Collaborate with security operations teams to gather requirements and ensure effective utilization of security data.
• Design and implement scalable and high-performance data transformation processes for optimized AI agent functionality.
• Develop and maintain data feeds compatible with frameworks like MITRE ATT&CK to enhance threat intelligence.
• Build and organize security information platforms to support deployment and operation of AI security agents.
• Build and integrate security content leveraged by AI security agents.