Bilingual SIEM/SOAR Engineer in Managed Security Services team deploying and optimizing security tools for diverse clients. Responsible for building detection use cases and automating response playbooks.
Responsibilities
Deploy, configure, and maintain SIEM platforms (e.g., Palo Alto XSIAM, Splunk, Sentinel) for MSSP clients
Onboard new log sources and ensure full visibility across cloud, endpoint, network, and application layers
Develop custom parsers, normalization rules, and enrichment workflows
Build and maintain automated playbooks for incident triage, enrichment, and response using platforms like Cortex XSOAR, SecOps SOAR or Splunk SOAR
Integrate SOAR with threat intelligence, ticketing systems, firewalls, EDRs, and other customer tools
Continuously improve automation coverage to reduce analyst workload and response times
Collaborate with SOC analysts and threat hunters to design and implement detection use cases based on MITRE ATT&CK, threat intel, and client risk profiles
Tune detection rules to reduce false positives and ensure actionable alerts
Serve as a technical expert for MSSP clients during onboarding, tuning sessions, and ongoing support
Provide recommendations for SIEM/SOAR improvements, architecture changes, and operational efficiencies
Assist with incident response investigations where tooling configuration or custom queries are required
Maintain detailed documentation of configurations, playbooks, and processes
Train internal SOC teams and client stakeholders on SIEM/SOAR workflows and usage
Stay abreast of advancements in SIEM and SOAR technologies, incorporating new capabilities into hunting and detection workflows
Requirements
Fully bilingual in English and French
3+ years of experience working with SIEM and/or SOAR platforms in a security operations or MSSP setting
Hands-on experience with at least one major SIEM (e.g., Palo Alto XSIAM, Splunk, Sentinel)
Experience with SOAR platforms and playbook development (e.g., Cortex XSOAR, SecOps SOAR, Splunk SOAR)