Principal Consultant Offensive Security Proactive Services - Unit jobs at Palo Alto in Australia

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Impact

• Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools - Red Team experience essential
• Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
• Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients
• Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
• Conducts periodic scans of networks to find and detect vulnerabilities
• Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing)
• Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Crypsis and Palo Alto Networks’ threat hunting tools (and/or client owned hunting instrumentation where applicable)
• Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders
• Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
• Ability to perform travel requirements as needed to meet business demands

Your Experience

• 6+ years of professional experience leading Red & Purple team engagements, Advanced Attack Simulations, OSINT research, social engineering techniques, bespoke security assessments and exploit development
• Experience testing a range of technologies (Active Directory, major OSs, cloud environments, IoT / OT) and using a range of security tools and technologies inc AI-enabled to automate and tailor engagements
• Demonstrate a deep understanding of how malicious software works (i.e.-malware, trojans, rootkits, etc.)
• Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit
• Strong knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing
• Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities
• Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
• Experience with scripting and editing existing code and programming using one or more of the following - Perl, Python, ruby, bash, C/C++, C#, or Java
• Experience with security assessment tools, including Nessus, OpenVAS, MobSF Metasploit, Burp Suite Pro, Cobalt Strike, Bloodhound, and Empire
• Knowledge of application, database, and web server design and implementation
• Knowledge of network vulnerability assessments, web and cloud application security testing, network penetration testing, red teaming, security operations, or 'hunt'
• Knowledge of open security testing standards and projects, including OWASP & MITRE ATT&CK
• Ability to read and use the results of mobile code, malicious code, and anti-virus software
• Knowledge of computer forensic tools, technologies, and methods
• Assist in the development of internal infrastructure design for research, development, and testing focused on offensive security
• Identified ability to grow into a valuable contributor to the practice and, specifically
• Develop an external presence via public speaking, conferences, and/or publications
• Have credibility, executive presence, and gravitas
• Able to have a meaningful delivery contribution
• Have the potential and capacity to understand all aspects of the business and an excellent understanding of PANW products
• Collaborative and able to build relationships internally, externally, and across all PANW functions, including the account teams
• Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience to meet job requirements and expectations or equivalent military experience required
• Hold industry leading certifications from OffSec (OSCE / OSCP / OSWP etc), CREST, GIAC (SANS), and preferably published vulnerabilities, competition winners, conference talks, and published papers or thought leadership

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

You will center your role on relationship management to achieve measurable results in increased revenue, market share, and depth within each sales segment. Your success in this role will span the creation and execution of unique business plans in your region in partnership with other Palo Alto Networks Core sales organizations and channels. Your responsibilities will include finding and generating new customers, growing existing accounts and partnerships. You develop new accounts and/or expand existing accounts within an established geographic territory, industry, product segment or channel.

Your Impact

• Directly drives revenue impact by exceeding bookings goals of assigned partners and new initiatives

• Identify, create, and implement a comprehensive account strategy to develop new consulting business and drive expansion growth with enterprise customers across your territory, including channel partner

• Scope, negotiate and close enterprise contracts to exceed all bookings and revenue targets

• Establish access and create positive business relationships with key executives and senior-level decision-makers (typically CISO, CSO, and CIO level)

• Apply your knowledge of the cybersecurity industry, market landscape, technology, product, and processes to educate prospective and current customers on the business value of Unit 42’s offering and services

• Collaborate cross-functionally with key internal stakeholders (Field Sales, Marketing, Sales Operations, Product Management, Engineering, Pre/Post Sales, and Finance) to drive Unit 42 services adoption in target accounts

• Develop relationships with select partners in your region to leverage their account presence and drive new growth and further penetration of Unit 42 incident response and proactive services in the market

• Maintain accurate and up-to-date account intelligence in SFDC, including regular forecasting of business opportunities to Sales and executive leadership

Your Experience

• Experience in Business Development and Sales roles within the cybersecurity consulting industry

• Track record exceeding your sales quota as a Major / Large Account Manager, Regional Sales Manager / Enterprise seller focused on F1000 accounts in high growth companies

• At least 7 years of experience selling cybersecurity consulting services (preferred), or Enterprise Security solutions: SOC security-based products/services (such as Incident Response, Breach Management, Malware/Exploit Prevention, Anti-Virus, White Listing, SIEM, and other techniques) or SAS, Behavior Analytic or Logging tools; preferably Subscription or SaaS solutions as a direct contributor. Solutions related to Security Operations / SIEM / SOAR or adjacent solutions focused on Data / ML and automation preferred

• Deep understanding of channel partners and a channel-centric go to market approach in your region

• Knowledgeable in MEDDIC and Complex Solution Sales methodology and proven ability to sell complex enterprise software solutions to large and sophisticated enterprises at 6-figure transaction sizes and greater

• In-depth knowledge of how specific industries might leverage cybersecurity consulting services and security solutions and able to succinctly translate complex technical benefits to solve high leverage business problems; you can effectively articulate and present well in front of technical and executive-level stakeholders

• You have a demonstrated passion for helping organisations address their cyber security challenges and you are excited about the prospect of scaling a fast growing consulting services team and accustomed to working in a fast-paced environment

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

As a Lead Consultant for Cortex XSIAM, you will be at the forefront of guiding our customers through complex SIEM transformations and security operations enhancements. Your role goes beyond technical implementation — you will serve as a strategic advisor, helping enterprise customers design, plan, and execute an XSIAM deployment that aligns with their broader security objectives.

You will lead customer engagements from discovery through to operational handover, ensuring each phase is grounded in best practices for SIEM migration, log ingestion, detection engineering, and SOC automation. Acting as both a thought leader and a hands-on practitioner, you will bridge the gap between business outcomes and technical execution, influencing stakeholders and mentoring technical teams to deliver a world-class security operations capability.

Your Impact

• Lead XSIAM deployments and migrations, ensuring seamless onboarding of log sources and alignment with customer-specific requirements and security objectives.

• Develop and oversee comprehensive detection strategies, leveraging threat intelligence and industry best practices to strengthen customers’ defenses.

• Act as a trusted advisor to executive and SOC leadership, translating security goals into actionable implementation roadmaps.

• Drive operational efficiency through automation, reducing mean time to respond (MTTR) and enabling SOC analysts to focus on higher-value investigations.

• Facilitate collaboration across internal teams, customer stakeholders, and partners to ensure alignment and adoption of the XSIAM platform.

• Provide expert guidance in SIEM architecture, correlation rule design, and performance optimization to maximize value from the platform.

• Mentor customer technical teams, transferring knowledge and building long-term operational capability within the organization.

• Deliver clear and concise technical documentation, strategic recommendations, and progress reports that support decision-making and program success.

• Represent Professional Services as a subject matter expert in XSIAM, SIEM migrations, and SOC modernization initiatives.

Your Experience

• Exceptional written and verbal communication and presentation skills, for both internal and external interactions.

• 10+ years of experience with Security Operations Centers (SOC) tooling and processes.

• 6+ years of hands-on experience in deploying and integrating SIEM solutions and migrating SIEM solutions from different vendors within enterprise to large enterprise-level environments.

• Proficiency in coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring using SIEM platforms.

• Ability to conceive and develop detection use cases in SIEM systems to enable effective alerting.

• Proficiency in implementing and integrating automation solutions to enhance SOC efficiency, thereby minimizing MTTR and optimizing operational effectiveness.

• ​​Demonstrated expertise in threat intelligence management, including the ability to analyze and leverage threat intelligence feeds to proactively identify, assess, and mitigate potential security threats within the organization's environment.

• Familiarity with a range of Endpoint security solutions such as anti malware, EDR, XDR.

• Knowledge of generating reports on SIEM status, including metrics like logging source count, log collection rate, and other performance indicators.

• Proven experience in providing consultative services to end customers within the realm of cybersecurity, particularly in SIEM and SOC domains.

• Demonstrated ability to comprehend customer requirements, analyze complex security environments, and deliver strategic recommendations or best practices that align with their goals or expected outcomes.

• Proficient in comprehending and creating technical design documentation and and or architecture.

• Proven track record in effectively leading technical teams, managing resources, and overseeing projects within a dynamic cybersecurity environment, ensuring alignment with strategic objectives, timely delivery of milestones, and efficient utilization of resources.

• Skilled in facilitating collaboration among diverse stakeholders, including technical teams, management, and external partners, to drive informed decision-making processes that align with organizational objectives and foster innovation in cybersecurity strategies.

• Relevant bachelor's degree or equivalent military experience or industry-recognized qualifications (CISSP, GIAC, SIEM Vendor Qualification, etc.), is a plus.

As threats and technology evolve, we stay in step to accomplish our mission. You’ll be involved in implementing new products, transitioning from old products to new, and will fix integrations and critical issues as they are raised. But you won’t wait for them to be raised, you’ll seek them out, too. We fix and identify technical problems, with a pointed focus of providing the best customer support in the industry.

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

As the Director AI Security Research, you will lead an elite team of researchers focused on discovering and mitigating novel threats against AI systems. You will be the organization's subject-matter expert on the AI attack surface, blending deep technical research with strategic leadership. Your team's work will directly shape our product strategy, inform our detection and prevention capabilities, and establish Palo Alto Networks as the definitive leader in AI security research.

Your Impact

• Lead Advanced Research: Build and mentor a world-class applied research team focused on discovering and creating proof-of-concepts for new security vulnerabilities related to AI models, AI infrastructure, and AI-driven applications.

• Drive Protection Strategy: Partner directly with engineering and product leaders to translate research findings into tangible, customer-facing security protections. Design practical, product-level mitigations to prevent novel attacks on AI systems.

• Innovate with AI: Leverage Palo Alto Networks' security leadership to derive new insights, identify emerging threat trends, and build novel AI/ML-driven detection methodologies.

• Thought Leadership: Serve as a primary AI security subject-matter expert for the company. Publish cutting-edge research through technical blogs, white papers, research papers and conference presentations, establishing industry-wide influence.

• Cross-Functional Collaboration: Work closely with product management and engineering teams to ensure our platform is protected against the threats you discover.

• Customer & Industry Engagement: Collaborate with industry partners, the open-source community, and key customers to share findings and advance the state of AI security.

Your Experience

• Education: MS or PhD in Computer Science or a related field with a focus on AI/ML or cybersecurity is highly preferred.

• Experience: 10+ years of hands-on experience in the cybersecurity research field, with at least 3+ years in a leadership or management role.

• AI/ML Expertise: Deep practical and theoretical knowledge of modern AI systems, infrastructure, and data pipelines. Proven track record of discovering security issues related to AI systems is a major plus.

• Security Acumen: Strong understanding of the attacker mindset and proven experience in vulnerability research, offensive security, or threat detection engineering.

• Communication: Excellent written and verbal communication skills, with a strong ability to articulate highly complex technical concepts and research findings to diverse audiences, including executives and customers.

• Data-Driven: Strong proficiency in data analysis and scripting (e.g., Python) and hands-on experience with query languages and databases (SQL, KQL, etc.).

Nice to Have

• A public portfolio of research, including blog posts, conference talks, research papers or vulnerability disclosures.

• Experience with cloud security (AWS, GCP, Azure) and container orchestration (Kubernetes).

• Hands-on experience in building, training, and deploying ML models in a production environment.

Compensation Disclosure

The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be between:: $274,400 - $290/YR. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found .

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

As a Lead Consultant for Cortex XSIAM, you will be at the forefront of guiding our customers through complex SIEM transformations and security operations enhancements. Your role goes beyond technical implementation — you will serve as a strategic advisor, helping enterprise customers design, plan, and execute an XSIAM deployment that aligns with their broader security objectives.

You will lead customer engagements from discovery through to operational handover, ensuring each phase is grounded in best practices for SIEM migration, log ingestion, detection engineering, and SOC automation. Acting as both a thought leader and a hands-on practitioner, you will bridge the gap between business outcomes and technical execution, influencing stakeholders and mentoring technical teams to deliver a world-class security operations capability.

Your Impact

• Lead XSIAM deployments and migrations, ensuring seamless onboarding of log sources and alignment with customer-specific requirements and security objectives.

• Develop and oversee comprehensive detection strategies, leveraging threat intelligence and industry best practices to strengthen customers’ defenses.

• Act as a trusted advisor to executive and SOC leadership, translating security goals into actionable implementation roadmaps.

• Drive operational efficiency through automation, reducing mean time to respond (MTTR) and enabling SOC analysts to focus on higher-value investigations.

• Facilitate collaboration across internal teams, customer stakeholders, and partners to ensure alignment and adoption of the XSIAM platform.

• Provide expert guidance in SIEM architecture, correlation rule design, and performance optimization to maximize value from the platform.

• Mentor customer technical teams, transferring knowledge and building long-term operational capability within the organization.

• Deliver clear and concise technical documentation, strategic recommendations, and progress reports that support decision-making and program success.

• Represent Professional Services as a subject matter expert in XSIAM, SIEM migrations, and SOC modernization initiatives.

Your Experience

• Exceptional written and verbal communication and presentation skills, for both internal and external interactions.

• 10+ years of experience with Security Operations Centers (SOC) tooling and processes.

• 6+ years of hands-on experience in deploying and integrating SIEM solutions and migrating SIEM solutions from different vendors within enterprise to large enterprise-level environments.

• Proficiency in coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring using SIEM platforms.

• Ability to conceive and develop detection use cases in SIEM systems to enable effective alerting.

• Proficiency in implementing and integrating automation solutions to enhance SOC efficiency, thereby minimizing MTTR and optimizing operational effectiveness.

• ​​Demonstrated expertise in threat intelligence management, including the ability to analyze and leverage threat intelligence feeds to proactively identify, assess, and mitigate potential security threats within the organization's environment.

• Familiarity with a range of Endpoint security solutions such as anti malware, EDR, XDR.

• Knowledge of generating reports on SIEM status, including metrics like logging source count, log collection rate, and other performance indicators.

• Proven experience in providing consultative services to end customers within the realm of cybersecurity, particularly in SIEM and SOC domains.

• Demonstrated ability to comprehend customer requirements, analyze complex security environments, and deliver strategic recommendations or best practices that align with their goals or expected outcomes.

• Proficient in comprehending and creating technical design documentation and and or architecture.

• Proven track record in effectively leading technical teams, managing resources, and overseeing projects within a dynamic cybersecurity environment, ensuring alignment with strategic objectives, timely delivery of milestones, and efficient utilization of resources.

• Skilled in facilitating collaboration among diverse stakeholders, including technical teams, management, and external partners, to drive informed decision-making processes that align with organizational objectives and foster innovation in cybersecurity strategies.

• Relevant bachelor's degree or equivalent military experience or industry-recognized qualifications (CISSP, GIAC, SIEM Vendor Qualification, etc.), is a plus.

As threats and technology evolve, we stay in step to accomplish our mission. You’ll be involved in implementing new products, transitioning from old products to new, and will fix integrations and critical issues as they are raised. But you won’t wait for them to be raised, you’ll seek them out, too. We fix and identify technical problems, with a pointed focus of providing the best customer support in the industry.

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

As a Principal Professional Services Architect for Cortex XSIAM, you will serve as a senior technical and strategic leader, bridging complex service delivery with long-term customer success outcomes. In this hybrid role, you will spend your time delivering billable engagements such as data onboarding, correlation engineering, and automation design. You would partner with customers as their strategic advisor and architect, driving platform adoption, maturity, and measurable security outcomes.

You'll engage with CISOs, SOC leaders, and security engineering teams at some of our largest and most strategic customers to design scalable ingestion architectures, help customers evolve their detection strategy, and partner with them on SOC transformation initiatives. Your work will focus on co-creating solutions with customers — refining existing processes, aligning them with XSIAM capabilities, and providing best-practice recommendations to accelerate adoption and value realization.

Your Impact

Billable Engagements (~45%)

• Architect and deliver data ingestion pipelines, ensuring telemetry from diverse sources (endpoint, network, cloud, identity) is normalized, high-quality, and aligned with best practices

• Design and implement custom correlation logic detections to address customer-specific use cases, leveraging platform capabilities and reference content — not building detections from scratch

• Advise on detection strategies by mapping customer threat models and operational needs to actionable detection use cases, ensuring alignment with Cortex's research-driven detection content

• Review, refine, and recommend improvements to existing incident response workflows and automation playbooks, aligning them with XSIAM capabilities and industry best practices while respecting established customer processes

• Mentor and enable customer SOC teams on alert triage optimization, enrichment strategies, and continuous detection tuning

• Produce and deliver technical documentation, architecture diagrams, runbooks, and operational guides that support ongoing SOC operations

• Conduct workshops and hands-on sessions to transfer knowledge and upskill customer teams on the effective use of XSIAM.

Principal Customer Success Architect (~55%)

• Serve as a trusted advisor to CISOs, SOC Directors, and security engineering leaders, shaping their long-term XSIAM adoption strategy and architecture roadmap

• Lead architecture design sessions, maturity assessments, and strategic workshops to translate business objectives into actionable technical plans

• Design and deliver reference architectures, best-practice frameworks, and operational blueprints in collaboration with customer teams, enabling them to evolve and sustain their SOC capabilities

• Provide strategic recommendations to enhance SOC maturity, including ingestion strategies, detection priorities, automation approaches, and operational workflows

• Identify opportunities for optimization, automation, and expansion within the customer environment, guiding them toward continuous improvement and advanced use of XSIAM features

• Act as the technical escalation point and strategic liaison across customer, product, and internal engineering teams to ensure platform adoption and success metrics are achieved

• Capture and relay customer feedback to internal product and engineering teams, influencing roadmap priorities and feature evolution.

Your Experience

• 10+ years in Security Operations, SIEM, detection engineering, or related roles, with at least 4+ years in an architecture, advisory, or leadership capacity

• Proven experience leading enterprise-scale SOC or SIEM transformation projects from design to operationalization

• Deep expertise in SIEM platforms (Cortex XSIAM, Splunk, QRadar, Sentinel, etc.) and security analytics methodologies

• Strong background in log ingestion, normalization, enrichment, correlation engineering, and detection strategy design

• Experience designing or improving automation workflows, SOAR integrations, and response playbooks based on existing operational processes

• Strong consultative skills and experience engaging directly with executive stakeholders to align security strategies with business goals

• Hands-on knowledge of threat hunting, detection engineering, and SOC optimization practices

• Proficiency with Regex, log parsing, and telemetry schema design

• Familiarity with MITRE ATT&CK, NIST CSF, and SOC maturity models

• Exceptional communication and presentation skills, with the ability to translate complex technical topics for technical and non-technical audiences

• Bachelor's degree in a relevant field or equivalent experience; certifications such as CISSP, GIAC, or SIEM vendor credentials are preferred.

Our Professional Services and Customer Success organizations are at the forefront of customer enablement and platform adoption. We partner deeply with clients to help them operationalize Cortex XSIAM, evolve their SOC capabilities, and stay ahead of an ever-changing threat landscape. As a Principal architect, you'll operate at the intersection of delivery and advisory - shaping architectures, driving adoption strategies, and enabling customers to achieve measurable outcomes and long-term success.

Why You'll Love This Role

• You'll influence the security posture of some of the world's largest and most sophisticated enterprises

• You'll operate at the strategic intersection of technical delivery, advisory, and architecture, shaping how customers build and evolve their SOC

• You'll work with cutting-edge security analytics, automation, and AI-driven detection technologies at massive scale

• You'll become a trusted advisor and thought leader, not just an implementer but enabling customers to transform their operations and achieve meaningful results

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

As a Domain Consultant for SOC Transformation you will be the expert for our Cortex portfolio, a Next-Gen AI-powered security operations platform. You will play a key role in defining technical solutions that secure a customer’s key business imperatives. You evangelize our industry leading solutions in Security Intelligence and Automation, XDR, Attack Surface Management, SOAR and Incident Response that establish Palo Alto Networks as a customer’s cybersecurity partner of choice.

Your Impact

• Collaborate with account teams to recommend and develop customer solutions within your assigned specialization area
• Present to customers as our expert at all levels in the customer hierarchy, from practitioner to senior leadership
• As the main technical point of contact for Cortex, you will assist and collaborate to respond effectively to RFIs/RFPs.
• Lead and support customer demonstrations that showcase our unique value proposition
• Scope and lead Proof of Value (PoV) projects for prospective customers and partners based on best practices to ensure technical win in your assigned opportunities
• Drive high technical validation and PoV win rates within your assigned specialization area
• Responsible for discussing and highlighting product alignment with customer requirements and differentiation
• Architect solutions that will help our customers strengthen and simplify their security posture
• Document High-Level Design and Key Use Cases to ensure proper implementation and value realization of Palo Alto Networks Solutions
• Help our customers build and develop further their services around Cortex solutions
• Lead conversations about industry trends and emerging changes to the security landscape
• Discuss, with credibility, competitive offers in the marketplace and position ours as the best alternative
• Position Palo Alto Networks or Partner delivered services as appropriate to ensure proper implementation and value realization of Palo Alto Networks solutions
• Initiate projects to improve individual team’s performance
• Implement organizational policies & help others adopt
• Act as a conduit for customer feedback to Product Management, Technical Marketing, competitor intelligence, and R&D to create requirements and deliver product features for our customers

Your Experience

• 6+ years experience in Security Operations or pre-sales/sales engineering within SIEM, SOAR, SOC, and/or XDR/EDR environments
• IBM QRadar design, deployment, and/or pre-sales experience highly desirable
• Experience in working with customers, demonstrating problem-solving skills and a can-do attitude
• Solid understanding of Security Operations Center processes
• Advanced knowledge of SIEM and/or SOAR solutions
• Scripting experience is a plus - Python preferred
• This is a field sales position where travel requirements may be required to support in person customer meetings, please discuss with the recruiter on the specifics for this position.
• Proficient in English

All your information will be kept confidential according to EEO guidelines.