
Principal Consultant – SIEM
Posted Jun 20

This is a fully remote position, open to applicants in Colorado, +4 more states.
• Collaborate with clients to define their business, security operations, and detection requirements, translating those needs into impactful SIEM use cases, architectures, and operational frameworks.
• Design and validate SIEM solutions to ensure that the client’s objectives regarding risk reduction, visibility, and detection engineering are achieved.
• Spearhead the design, deployment, migration, and optimization of SIEM platforms across Google SecOps, Microsoft Sentinel, CrowdStrike NG‑SIEM, and Palo Alto XSIAM.
• Support the creation of SIEM and SOC transformation engagement plans that empower clients to implement detection, response, and analytical strategies.
• Evaluate SIEM, logging, and security analytics technologies against business needs, risk posture, budget constraints, and operational maturity.
• Act as a recognized authority in SIEM architecture, log onboarding, detection engineering, UEBA, SOAR integration, and SOC operations.
• Guide and mentor fellow consultants on intricate SIEM projects, offering technical leadership and quality oversight throughout engagements.
• Present to large technical and executive audiences as a recognized expert on SIEM strategy and security operations.
• Address challenging technical and strategic inquiries effectively, consistently earning trust and backing from client stakeholders.
• Adapt and refine SIEM delivery methodologies based on client maturity, platform capabilities, and operational limitations.
• Keep a wide-ranging awareness of the cybersecurity, SOC, and security analytics technology landscape beyond just SIEM.
• Contribute to industry groups, thought leadership initiatives, whitepapers, or publications related to SIEM, SOC, or security operations.
• Bachelor’s degree and approximately 10–15 years of relevant experience in information security or technology consulting.
• Around 8–10 years of hands-on experience in security architecture with a strong emphasis on SIEM and security operations platforms.
• In-depth knowledge of SIEM concepts including log collection and normalization, detection engineering, alerting strategies, content lifecycle management, SOC workflows, and integration with SOAR and EDR platforms.
• Significant practical experience with modern SIEM platforms such as Google SecOps, Microsoft Sentinel, CrowdStrike NG‑SIEM, and Palo Alto XSIAM.
• Strong understanding of related security domains including incident response, threat detection, vulnerability management, data classification, and security governance.
• Awareness of the professional services sector and the organizational implications of technical and delivery decisions.
• Solid understanding of networking (TCP/IP, OSI model), operating systems (Windows, Linux/UNIX), cloud platforms, and contemporary security technologies (EDR, NDR, firewalls, IDS/IPS).
• Familiarity with scripting and automation languages commonly utilized in SIEM environments (e.g., KQL, Python, PowerShell, YAML).
• Strong understanding of regulatory and compliance requirements affecting security monitoring and log retention, including PCI DSS, GLBA, GDPR, and U.S. state privacy laws.
• Proven experience in integrating SIEM platforms into complex enterprise and cloud environments, including log pipelines, APIs, and security tooling ecosystems.
• Willingness to travel to accommodate client needs.
• A valid driver’s license in the U.S. and a valid passport are required.
• The ideal candidate must possess or be willing to pursue relevant certifications such as CISSP, CISM, CISA, or SIEM-specific platform certifications.
• Excellent interpersonal, leadership, and client-facing capabilities.
• Strong written and presentation skills with the capacity to convey complex SIEM and SOC concepts to both technical and executive audiences.
• Maintain a high standard of integrity and confidentiality.
• Professional training resources
• Work/life balance
• Volunteer opportunities
• The technology and ability to work productively from home (where applicable)