IT - ADMIN - Security Architect - Consultant - SIEM Engineer

LanceSoft Inc

Columbia, SC(remote)

JOB DETAILS
SALARY
$80–$85 Per Hour
SKILLS
Automation, Bash Scripting, CISSP - Certified Information Systems Security Professional, Cloud Computing, CompTIA Security+, Computer Security, Consulting, Data Modeling, Documentation, Enterprise Architecture, Enterprise Protection, GIAC - Global Information Assurance Certification, Hunting, Identify Issues, Incident Response, Information Systems/Technology IS/IT Administration, Information/Data Security (InfoSec), Internet Security, Linux Operating System, Metrics, Microsoft Windows Operating System, Network Access Control (NAC), On Call, Onboarding, Python Programming/Scripting Language, Query Analysis, Reporting Dashboards, Scripting (Scripting Languages), Security Architecture, Security Consulting, Security Information and Event Management (SIEM), Software as a Service (SaaS), Standard Operating Procedures (SOP), Technical Writing, Telemetry
LOCATION
Columbia, SC
POSTED
Today
 
Job Title: Security Architect / SIEM Engineer (Consultant)
Location: 100% Remote (Preference for local SC candidates for occasional onsite meetings. Travel expenses are the candidate's responsibility.)
Duration: 12 Months (Renewable)


Position Overview
The State of South Carolina is seeking an experienced Security Architect / SIEM Engineer to support the Division of Information Security (DIS). This role will focus on designing, implementing, administering, and optimizing Palo Alto Cortex XSIAM and Cortex XDR within a large-scale, multi-tenant enterprise environment supporting a 24x7 Security Operations Center (SOC).
The engineer will also provide secondary support for Cribl log pipeline engineering, data modeling, parsing, normalization, enrichment, routing, and ingestion.
Key Responsibilities
  • Design, implement, administer, and optimize Palo Alto Cortex XSIAM and Cortex XDR.
  • Support multi-tenant SIEM environments, including tenant onboarding, RBAC, dashboards, reporting, and data segregation.
  • Develop and tune detections, correlation rules, threat hunting queries, analytics, watchlists, suppression logic, and dashboards.
  • Design and support Cribl log pipelines, including parsing, normalization, enrichment, routing, replay, and ingestion.
  • Onboard and troubleshoot telemetry from cloud, endpoint, network, identity, SaaS, Linux, Windows, and custom application sources.
  • Develop automation, integrations, and response playbooks using Python and Bash.
  • Create and maintain operational runbooks, SOPs, architecture documentation, and knowledge articles.
  • Support Tier 1–Tier 3 SOC analysts with troubleshooting, detection tuning, threat hunting, and incident response.
  • Monitor platform health, ingestion, alert volumes, detection coverage, and operational metrics.
  • Participate in a monthly on-call rotation supporting a 24x7 Security Operations Center.
Required Qualifications
  • Bachelor's degree in Information Technology, Information Security, or a related field (or 8+ years of relevant experience in lieu of a degree).
  • 5+ years supporting large enterprise IT/security environments.
  • Hands-on experience with:
    • Palo Alto Cortex XSIAM
    • Palo Alto Cortex XDR
    • SIEM engineering in enterprise/multi-tenant environments
    • 24x7 Security Operations Centers (SOC)
    • Detection engineering, threat hunting, correlation rules, dashboards, and reporting
    • Cribl data modeling, log pipeline design, parsing, normalization, enrichment, routing, and ingestion
    • Python and Bash scripting for automation and integrations
  • Strong understanding of enterprise security architecture, networking, access control, incident response, and cybersecurity frameworks.
Preferred Qualifications
  • Experience operating Cortex XSIAM/XDR in large enterprise environments.
  • Hands-on Cribl administration and log pipeline optimization.
  • Experience supporting Tier 1–Tier 3 SOC operations.
  • Experience creating playbooks, runbooks, SOPs, and technical documentation.
  • Certifications such as CISSP, Security+, GIAC, Palo Alto Cortex, Cribl, or other relevant security certifications.

About the Company

L

LanceSoft Inc

We are a $125 Million, NMSDC-certified Minority & Woman owned Workforce Solutions Company headquartered in the DC metro area with presence across US with global presence - Canada, Mexico, India, UK, Malaysia, Indonasia, Hongkong, Singapore, UAE. We are specialized in providing Workforce Solutions, SOW project delivery, Engineering Solutions, Creative Services. We currently support 100+ Fortune companies globally and across multiple industry segments. We are currently supporting several massive programs across industry segment nationally/globally (Intel, Ally, AMD, QUALCOMM, Morgan Stanley, Kraft/ Mondelez, MNP, Amdocs, Dell, SanDisk, Medtronic, Becton Dickinson, GE, Lockheed Martin, UTC, L-3 Communications, Caterpillar, BMW, Mercedes Benz, National Grid, Dominion, Energy Future Holdings, PSEG, 3M, Fidelity, Aetna, Humana, Johnson & Johnson, Pfizer, Merck etc). 

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender, identity, national origin, disability, or protected veteran status.

COMPANY SIZE
2,000 to 2,499 employees
INDUSTRY
Staffing/Employment Agencies
FOUNDED
2000
WEBSITE
http://www.lancesoft.com/