×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer Security Manager Network Security

Senior Threat Detection Engineer – Advanced Security Solutions

Remote / Online - Candidates ideally in
Presidio, Presidio County, Texas, 79845, USA
Listing for: Presidio, Inc.
Remote/Work from Home position
Listed on 2025-11-27
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Security Manager, Network Security
Salary/Wage Range or Industry Benchmark: 100000 - 130000 USD Yearly USD 100000.00 130000.00 YEAR
Job Description & How to Apply Below
Location: Presidio

Senior Threat Detection Engineer – Advanced Security Solutions

Job Category
:
Engineering

Requisition Number
: SENIO
009321

  • Posted :
    November 21, 2025
  • Full-Time
  • Remote
Locations

Showing 1 location

USA (Remote)

Description

Presidio, Where Teamwork and Innovation Shape the Future AtPresidio, we’re at the forefront of a global technology revolution, transforming industries through cutting-edge digital solutions and next-generation AI. We empower businesses—and their customers—to achieve more through innovation, automation, and intelligent insights.

The Role

As a Senior Threat Detection Engineer – Advanced Security Solutions within Presidio's Cybersecurity Practice, you will design and deliver advanced detection, response, and automation solutions across Palo Alto Networks Cortex XSIAM, Crowd Strike NG-SIEM, and Microsoft Sentinel for some of the most complex enterprise environments in the world.

You’ll be a trusted technical leader—helping customers operationalize their security investments, engineering precision detections, and building automation that transforms and modernizes our customers' security operations. This role offers the opportunity to work across leading Sec Ops platforms, mentor emerging talent, and collaborate with global experts to shape the future of threat detection and response.

Responsibilities Include:

  • Lead high-profile delivery engagements that implement technologies such as Cortex XSIAM, Crowd Strike NG-SIEM, and Microsoft Sentinel, from architecture to operational handoff.
  • Integrate a wide range of log sources—endpoint, network, cloud, and identity—into each platform to achieve full-stack visibility.
  • Refine and optimize correlation rules, detection logic, and parsing configurations specific to each platform’s capabilities.
  • Create and implement automation playbooks to speed up incident response and optimize Security Operations Center (SOC) workflows.
  • Configure advanced platform-specific capabilities, such as:
    • XSIAM – Threat Intelligence Management (TIM), Attack Surface Management (ASM)
    • Crowd Strike NG-SIEM – Falcon Data Replicator integrations, native threat analytics tuning
    • Microsoft Sentinel – KQL-based detections, SOAR playbooks with Logic Apps
  • Work collaboratively with global Cyber Engineering team members to ensure consistent service delivery, share best practices, and excel across regions.
  • Serve as a multi-platform expert, advising clients on security architecture, platform optimization, and operational best practices.
  • Troubleshoot and resolve complex issues during deployment and post-implementation for all supported security operations platforms.
  • Produce clear and comprehensive technical documentation, which includes solution designs, runbooks, and as-built records.
  • Guide junior engineers to enhance the team's overall technical skills.

Required Skills and Professional

Experience:

  • Bachelor’s degree in Cybersecurity, Computer Science, or related field, or equivalent military/industry experience
  • 5–8 years in progressively senior cybersecurity roles, with demonstrable expertise in SIEM/SOC transformation projects
  • 5–8 years in cybersecurity with a focus on SIEM, SOAR, XDR, or SOC operations across multiple vendor platforms
  • Minimum 2 years hands-on experience with at least two of the following:
    Palo Alto Networks Cortex XSIAM/XSOAR, Crowd Strike NG-SIEM, Microsoft Sentinel
  • 3-5 years of demonstrated security operations experience
  • Proven track record delivering complex, multi-platform security projects in enterprise environments
  • Expertise in log ingestion, normalization, and correlation for varied data sources
  • Proficiency in query languages such as XQL (Cortex), KQL (Sentinel), and Lucene
  • Familiarity with API integrations
  • Strong communication skills, capable of engaging technical and executive stakeholders alike
  • Multi-platform SIEM/XDR administration and optimization.
  • SOAR playbook creation and optimization
  • Scripting language familiarity (Python, Power Shell preferred)
  • Strong troubleshooting and root cause analysis skills in complex SOC environments
  • Ability to translate security strategy into actionable technical designs
  • Advanced security operations certifications, such as GIAC and Microsoft Certified Expert, are…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search