Security Operations Center Analyst
Title: SOC Analyst
Location: New York, NY 10004 (hybrid)
Duration: Full-time with Apexon (W2)
Interview: 3 rounds of interviews, including management and technical. 40 Hrs/week!!

Required Skills:
- 10+ years in SOC roles (analyst/engineer/architect/consultant).
- Proven deployment/operations of XSIAM (or Cortex XDR/XSOAR in an XSIAM context).
- QRadar expertise (rules, log sources/flows, reference sets, AQL).
- CP4S SOAR/case management experience; ability to translate workflows cross-platform.
- Participation in at least one enterprise-scale SIEM/SOAR migration.
- XQL proficiency; detection rule development.
- SIEM normalization, onboarding, and field mapping.
- SOAR playbook design and workflow automation.
- MITRE ATT&CK–based detection engineering and gap analysis.
- Telemetry across cloud, endpoint, network, and identity.
- Scripting for integrations/automation (Python, JavaScript, or similar).
- Strong SOC operations knowledge (triage, hunting, IR, shift handover, tuning/FP reduction, threat intel operationalization).

Preferred:
- Palo Alto certs (PCCSA/PCNSA/XSIAM/XSOAR training).
- QRadar certification (or equivalent depth).
- Regulated industry experience (FSI, government, healthcare).
- Logging/data pipeline familiarity (Syslog-ng, Kafka, Cribl, etc.).
- Purple team or detection-as-code background.

Responsibilities:
As a Senior Security Operations Platform Engineer, you will partner with SOC leadership, engineering, and stakeholders to ensure the migration is not a tool swap, but a measurable uplift in detection, response, and operational maturity.

Key Responsibilities:

SOC Process Transformation
- Assess current triage, escalation, SLAs, and operating rhythms.
- Redesign workflows to align with XSIAM (correlation, automated triage, AI-driven prioritization).
- Build/implement incident response playbooks and automation rules in XSIAM.
- Define KPIs, metrics, and dashboards to improve SOC visibility and performance.

Platform Migration & Deployment
- Lead end-to-end migration of SIEM/SOAR capabilities from QRadar/CP4S to XSIAM.
- Inventory and translate CP4S playbooks/runbooks into XSIAM automations.
- Establish content lifecycle management for multi-tenancy, tuning, and optimization.
- Define common workflows (incident/shift management, automation development, knowledge management).
- Ensure alert fidelity, data integrity, and coverage continuity through cutover.

Modern SOC Architecture & Advisory
- Advise on next-gen SOC design across people, process, technology, and governance.
- Close detection gaps using XSIAM’s unified data model, UEBA, threat intel, and attack surface management.
- Recommend SOC structure (tiering), automation-first strategies, and response patterns.
- Mentor/upskill staff on XSIAM operations, XQL, and platform-native automation.

Stakeholder Engagement & Documentation
- Produce migration plans, technical designs, runbooks, and post-implementation reporting.
- Provide regular updates on progress, risks, and recommendations to senior leadership.
- Coordinate with Palo Alto professional services and internal engineering as needed.

Expected Deliverable(s):
Log source parsers and data normalization, log pipeline implementation, SOC analyst workflows and automations, cybersecurity use-case detections and tuning.