Senior SOC Consultant — Palo Alto XSIAM Migration Specialist
Listed on 2026-02-28
IT/Tech
Cybersecurity, IT Consultant, Security Manager, Systems Analyst
Dice is the leading career destination for tech experts at every stage of their careers. Our client, PROTEK INFORMATION TECHNOLOGY SERVICES, LLC, is seeking the following. Apply via Dice today!
About The Engagement
We are seeking a senior-level Security Operations Consultant to lead the deployment, calibration, and process transformation associated with our migration from IBM QRadar and IBM Cloud Pak for Security (CP4S) to Palo Alto Networks XSIAM (Extended Security Intelligence and Automation Management).
This engagement is ideal for seasoned SOC practitioners who not only have hands‑on XSIAM or XSOAR expertise, but who also bring the vision, architecture mindset, and operational maturity to reimagine what a modern Security Operations Center should look like — and then build it.
Role Overview
As a Senior SOC Consultant, you will be the primary guide for how the modern SOC, working as an MSSP, shall operate during our SIEM/SOAR/XDR platform transition. You will work directly with our SOC leadership, engineering teams, and key stakeholders to ensure that the migration is not simply a technology swap, but a genuine uplift in our security operations capability.
You will be expected to bring an architect's perspective to SOC design, a practitioner's knowledge of detection and response workflows, and a consultant's discipline in delivering measurable outcomes within a defined engagement timeline.
Key Responsibilities
SOC Process Transformation
- Conduct a thorough review of current SOC processes, triage workflows, escalation procedures, and SLA structures.
- Re‑engineer and calibrate SOC processes to align with XSIAM capabilities, including alert correlation, automated triage, and AI‑driven prioritization.
- Design and implement incident response playbooks and automation rules that exploit the native intelligence of the XSIAM platform.
- Define metrics, KPIs, and dashboards within XSIAM to provide SOC leadership with actionable operational visibility.
- Assist in the end‑to‑end migration of SIEM and SOAR capabilities from IBM QRadar and IBM CP4S to Palo Alto XSIAM.
- Assess existing playbooks, runbooks, and automation capabilities in the current CP4S environment.
- Design content lifecycle management processes to support multi‑tenancy and content optimization and tuning.
- Propose a vision for common workflows for incident management, shift management, automation, workflow development, and knowledge management while leveraging XSIAM.
- Help create the workflows and automations in XSIAM.
- Assist in enabling the SOC team to adapt to the new workflows.
- Migrate and reconstruct CP4S playbooks and SOAR automation workflows within XSIAM's automation engine.
- Ensure data integrity, fidelity of alerts, and continuity of coverage throughout the transition period.
- Advise on the architecture of a next‑generation SOC — covering people, process, technology, and governance dimensions.
- Identify and close gaps in detection coverage by leveraging XSIAM's unified data model, UEBA, threat intelligence, and attack surface management capabilities.
- Provide recommendations on SOC team structure, analyst tier models, and automation‑first response strategies.
- Mentor and upskill internal SOC staff on XSIAM operations, XQL query development, and platform‑native automation.
- Produce and maintain detailed migration plans, technical design documents, runbooks, and post‑implementation reports.
- Present progress, risks, and recommendations to senior IT and security leadership on a regular basis.
- Collaborate with vendors, Palo Alto professional services teams, and internal engineering counterparts as required.
Required Qualifications
- 10+ years of hands‑on experience working within or for Security Operations Centers (SOC) — as an analyst, engineer, architect, or consultant.
- Demonstrable experience deploying and operating Palo Alto XSIAM (or Cortex XDR/XSOAR in an integrated XSIAM context).
- Deep, working knowledge of IBM QRadar — including correlation rules, log sources, flows, reference sets, and the AQL query language.
- Experience with…