Resident Engineer - Cortex Xdr jobs at Palo Alto in Japan, Chiyoda

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

As a Senior Professional Services Consultant (PSC) at Palo Alto Networks, you will be a pivotal technical expert, spearheading the successful deployment and initial configuration of our Prisma Access Browser (PAB) solution for customers. This is a highly impactful, hands-on role where you will directly translate customer security requirements into a fully operational and optimized cloud-delivered browser security solution.

Working closely with customers, solution consultants, and project managers, you will implement PAB according to best practices and customer-specific needs. Beyond just deployment, you will be a proactive driver, navigating complex environments, anticipating roadblocks, and accelerating our customers' journey to a Zero Trust architecture.

Your Impact

• Proactively Drive Technical Deployment : Execute the complete technical lifecycle of PAB implementation, including secure tenant setup and complex Identity Provider (IdP) integrations. Take ownership of the deployment timeline, proactively managing and overcoming any customer hesitations or delays to ensure rapid time-to-value.

• Translate Strategy to Security Policy : Convert customer business and security designs into practical, effective PAB configurations, focusing on access controls, data loss prevention (DLP) rules, and web security policies.

• Drive Adoption : Guide customers through the secure and large-scale deployment of the PAB extension/client to end-user devices using various enterprise deployment methods (e.g., GPO, MDM).

• Be a Proactive Technical Advisor : Serve as the go-to expert for PAB best practices, advanced feature utilization, and performance tuning, actively monitoring environments to pre-emptively identify, recommend, and resolve potential issues or areas for security posture improvement.

• Resolve Complex Escalations : Act as the primary technical escalation point, performing deep-dive root cause analysis and coordinating across Support, Engineering, and Product teams for timely resolution.

• Document and Transfer Knowledge : Create high-quality, customer-specific "as-built" documentation and deliver comprehensive operational training and knowledge transfer to customer administrators.

• Advocate for the Customer : Capture and translate valuable field feedback into actionable feature requests, serving as a critical internal voice for product improvement and development.

• Maintain expert-level understanding of Prisma Access Browser : Stay updated on latest product releases, security trends, and industry best practices. Actively participate in relevant training and certification programs to maintain technical proficiency.

Your Experience

• 8+ years of experience required in a hands-on, technical, customer-facing role such as Professional Services Consultant, Technical Account Manager, or Senior Sales Engineer.

• Proven track record of proactive engagement; the ability to take initiative to push customers toward successful deployment, manage project risks, and navigate organizational challenges or pushback to maintain project velocity.

• Expert-level knowledge of core networking concepts (TCP/IP, DNS, HTTP/S) and enterprise security principles (Zero Trust, SASE, Firewall, Proxy, VPN).

• Demonstrated ability to independently lead and execute complex technical projects in customer environments, driving deployment to successful completion.

• Advanced analytical and troubleshooting skills with a methodical approach to identifying, diagnosing, and resolving technical issues (Root Cause Analysis).

• Exceptional verbal and written communication skills with a proven ability to convey complex security topics to diverse technical and non-technical stakeholders.

• Experience with Identity and Access Management (IAM) and authentication protocols, specifically integrating solutions with IdPs like Azure AD or Okta using SAML 2.0.

• Familiarity with cloud and SaaS security architecture and the challenges associated with securing modern applications and browsers.

• Knowledge of Prisma Access deployment, architecture, and traffic flows.

Preferred

• Basic knowledge of enterprise endpoint management tools (e.g., Microsoft Intune, Jamf, SCCM) and software deployment methodologies.

• Relevant industry certifications such as Palo Alto Networks (PCNSA, PCNSE), CISSP, or cloud-specific security certifications.

• Basic scripting ability (e.g., PowerShell, Python) for automation or data manipulation.

As threats and technology evolve, we stay in step to accomplish our mission. You’ll be involved in implementing new products, transitioning from old products to new, and fixing integrations and critical issues as they are raised. But you won’t wait for them to be raised, you’ll seek them out, too. We fix and identify technical problems with a pointed focus of providing the best customer support in the industry.

Compensation Disclosure

The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be between $140000 - $192500/YR. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found .

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

As a SIEM Engineer for Cortex XSIAM, you will play a pivotal role in assisting our customers with seamless log migration and effective detection strategies. Working closely with the technical lead, you will ensure the successful onboarding and ingestion of relevant log sources into XSIAM, adhering to industry best practices and meeting customer-specific requirements. Your responsibilities will also involve devising suitable detection strategies to fortify our customers' defenses against threats, encompassing the design and implementation of correlation rules.

Your Impact

• Collaborate with the technical lead to devise a comprehensive log ingestion strategy
• Contribute to the development of detection strategies based on industry best practices
• Articulate a step-by-step process to ensure the ingestion of high-quality log sources
• Monitor and optimize log sources for optimal performance
• Create meticulous and effective correlation rules
• Fine-tune log sources and correlation rules to enhance system efficiency
• Serve as the subject matter expert (SME) in SIEM, correlation, and log source ingestion
• Serve as a trusted advisor to end customers, offering consultative guidance and expertise in optimizing the utilization of Cortex XSIAM
• Leverage your in-depth knowledge of SIEM and SOC practices to assess customer needs, provide tailored recommendations, and assist in the formulation of effective security strategies
• Collaborate closely with customers to understand their unique challenges and objectives, translating them into actionable steps that enhance their security posture
• Identify opportunities to enhance analyst alert handling through automation
• Foster collaboration with internal and external teams to drive product adoption
• Produce technical documentation detailing SIEM aspects of the engagement
• Occasionally travel to customer meetings and workshops (up to 10% of the time)

Your Experience

• Exceptional written and verbal communication and presentation skills, for both internal and external interactions
• 6+ years of hands-on experience in deploying and integrating SIEM solutions within enterprise to large enterprise-level environments
• Proficiency in coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring using SIEM platforms
• Ability to conceive and develop correlation and detection rules in SIEM systems to enable effective alerting
• Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar
• Proven experience in providing consultative services to end customers within the realm of cybersecurity, particularly in SIEM and SOC domains
• Demonstrated ability to comprehend customer requirements, analyze complex security environments, and deliver strategic recommendations that align with their goals
• Strong expertise in Regular Expressions (Regex)
• Skill in understanding logs and locating relevant third-party documentation when required
• Knowledge of generating reports on SIEM status, including metrics like logging source count, log collection rate, and other performance indicators
• Understanding of Security Analysis & Response, encompassing endpoint, network, and cloud-based environments is a plus
• Proficient in comprehending and creating technical design documentation
• 4 years of experience with Security Operations Centers (SOC) tooling and processes
• Relevant bachelor's degree or industry-recognized qualifications (CISSP, GIAC, SIEM Vendor Qualification, etc.), is a plus

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Strategic Advisory and Client Engagement:

• Establish and maintain executive-level relationships (Manager, Director, VP, and CxO contacts) in strategic accounts with high growth potential.

• Transform client security strategies by driving conversations that advocate for Palo Alto Networks’ view of transformative Solution Architectures.

• Provide valuable insights and education to clients on effective risk reduction, operational excellence, and cost management.

• Identify and document the client's strategic transformation goals and priority outcomes for value realization, collaborating with specialists to develop business cases around measurable benefits.

• Conduct high-impact consulting engagements, including architectural assessments, designs, and client workshops, setting and driving a strategic agenda with the customer and sales/engineering teams.

Sales Productivity and Thought Leadership:

• Demonstrate increased sales productivity through strategic architectural engagements.

• Engage directly with senior technical and business leaders as a security expert to expand reach within accounts and expand the scope of sales opportunities by identifying new areas of engagement and areas where our solutions can deliver on executive priorities.

• Collaborate with sales teams to develop and deliver differentiated proposals that clearly demonstrate business and technical value.

Internal Partnership and Development:

• Become a valued resource to Product Management by discovering and understanding current challenges, competitive insights, and opportunities to address emerging needs in strategic market segments.

• Maintain continuous self-improvement and learning to sustain technical leadership across relevant technologies (e.g., security technologies, cyber threat intelligence, risk and regulatory topics, emerging technologies)

• Work closely with Sales and Solution Consulting leadership, Unit42 consulting teams, Business Value Consultants, Professional Services, Customer Success, and theater CISO/CTO resources (where applicable) to ensure a coordinated market approach.

Your Experience

• Experience: 10+ years of experience as an end customer, a cybersecurity vendor or consultant is required.

• Education: BSCS, equivalent degree or experience is required.

• Architectural Knowledge:

  • Must have deep knowledge of security operations, SIEM, endpoint security and incident response. Preferred experience in network security, SASE/Zero Trust, cloud security, identity management, and emerging topics related to cybersecurity and AI is a plus.

  • Extensive knowledge of core security architectures, history, and trends spanning network, endpoint, and hybrid environments.

  • Solid fundamental background in principles and practices of networking and/or cloud computing.

• Executive Presence: Demonstrable experience in establishing credibility and strategic messaging with large enterprise executives (CISO and above).

• Communication Skills: Strong written and verbal communication and presentation skills, both internally and externally.

• Drive and Problem Solving:

  • A "Whatever it takes" attitude and motivation to overcome obstacles necessary to achieve desired outcomes and close deals.

  • Robust problem finding and solving skills, with the ability to analyze complex problems with systematic approaches to quick resolution, even under duress.

• Travel: Expect to travel a minimum of 50%+ of the weeks in the fiscal year. Travel will include customer and company location onsite meetings.

• Organizational Skills: Superb organizational skills are required

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

You will work firsthand with our valued customers to address their complex post-sales concerns where analysis of situations or data requires an in-depth evaluation of many factors. You’re a critical thinker in understanding the methods, techniques, and evaluation criteria for obtaining results. You’ll enjoy networking with key contacts outside your own area of expertise, with a strong capability of detailing difficult technical issues to both non-technical and technical professionals.
You will regularly participate in technical discussions with multi-functional teams, creating an environment of transparency that ultimately leads to better products, better working environments, and better cybersecurity. Your quick thinking and support to our clients provides the fast assistance they need to keep their environments secure – which means you’ll need to move quickly, thoughtfully, and provide technical assistance as needed (often, in high pressure situations).

Your Impact

• Provide Technical Support to customers and partners
• Provide configurations, troubleshooting and best practices to customers
• Manage support cases to ensure issues are recorded, tracked, resolved, and follow-ups are completed in a timely manner
• Provide fault isolation and root cause analysis for technical issues
• Publish Technical Support Bulletins and other technical documentation in the Knowledge Base
• Review of technical documentation for training materials, technical marketing collateral, manuals, troubleshooting guides, etc.
• Travel to customer sites in the event of a critical situation to expedite resolution as required
• Provide on-call support 24x7 on an as-needed basis

Your Experience

• Willing to work flexible and varying shift times including weekends and evenings
• Previous experience in a Technical Support environment is required
• Excellent written and verbal communication skills
• Expertise with Remote Access VPN solutions, IPSEC, PKI & SSL, TCP/IP, Authentication Protocols (LDAP, RADIUS, etc.)
• Experience working with Firewall Central Management Systems
• Experience working with a multi-factor authentication security system (tokens, certificates, CAC cards, and similar)
• Working knowledge of Security services (IDS/IPS, Firewalls, etc.)
• Strong ability to independently debug broad, complex, and unique networks with mixed media and protocols required
• Virtualization experience (AWS, Azure, VMWare, OpenStack)
• Experience with Windows and MAC OS is a plus (Debugging, Editing Registries, Plist, etc.)
• Experience with Cisco, Checkpoint, Juniper (Netscreen), and Fortinet products a plus

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Impact

• サイバーセキュリティの中核であるCortex製品群（EPP、EDR、NDRなどを提供するXDR、SOARを用いたセキュリティ運用の改善、サイバー攻撃や内部不正の脅威を早期に検知するSIEM、攻撃面管理など）において、サイバーセキュリティサービスを担当するセールスエンジニアとしてご活躍いただきます。
• 製品やサービスの紹介、デモ、Cortex製品群のPoC検証を実施する際に、当社サイバーセキュリティ製品の技術的な利点を提示し、さまざまな技術サポートを提供します。
• 顧客の業界に応じた適切なサイバーセキュリティ対策を導くために、技術的なコンサルティングを行います。
• 既存顧客、新規顧客、社内のアカウント営業/SE部門、マーケティング部門、パートナーに対する製品トレーニングなど、セールス有効化活動を行います。
• 営業チームと技術サポートの間のインターフェースとして機能し、顧客の技術的な課題を解決します。
• 当社主催やパートナーとの共同イベントでのウェビナーや製品デモンストレーションなど、プロモーション活動を行います。

Your Experience

【必須条件】

• プリセールスエンジニアとしての提案経験（顧客分析、課題提案、製品・サービス提案）
• 顧客のサイバーセキュリティ対策に関する理解と経験（エンドポイント、ネットワーク、クラウドにおけるサイバーセキュリティ対策のプリセールス経験）
• 日本語：流暢またはネイティブレベル
• 英語：ビジネスレベルでのメール対応、日常会話レベルでの会話力

【歓迎条件（WANT）】

• エンドポイントセキュリティ（EPP、EDR）の経験
• ネットワークセキュリティ（IPS/IDS、NDR、ZTNA）の経験
• クラウドセキュリティ（AWS、GCP、Azure、CSPM、CWPP）の経験
• SIEM、SOAR の経験
• SOC（セキュリティオペレーションセンター）運用に関する知識と経験
• 脆弱性診断サービスなどのセキュリティサービス経験
• マルウェア、エクスプロイト、サンドボックス、スクリプト（Python/OS）、クラウド/仮想化環境に関する知識

【求める人物像】

• スピード感を持ちながら複数のタスクを同時にこなせる方
• 既成概念にとらわれず、新しい挑戦をいとわず、自主的に学び続ける姿勢を持つ方
• 自立して働きつつも、チームプレイを大切にし、同僚を信頼できる方

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Career

As a SIEM Engineer for Cortex XSIAM, you will play a pivotal role in assisting our customers with seamless log migration and effective detection strategies. Working closely with the technical lead, you will ensure the successful onboarding and ingestion of relevant log sources into XSIAM, adhering to industry best practices and meeting customer-specific requirements. Your responsibilities will also involve devising suitable detection strategies to fortify our customers' defenses against threats, encompassing the design and implementation of correlation rules.

Your Impact

• Collaborate with the technical lead to devise a comprehensive log ingestion strategy
• Contribute to the development of detection strategies based on industry best practices
• Articulate a step-by-step process to ensure the ingestion of high-quality log sources
• Monitor and optimize log sources for optimal performance
• Create meticulous and effective correlation rules
• Fine-tune log sources and correlation rules to enhance system efficiency
• Serve as the subject matter expert (SME) in SIEM, correlation, and log source ingestion
• Serve as a trusted advisor to end customers, offering consultative guidance and expertise in optimizing the utilization of Cortex XSIAM
• Leverage your in-depth knowledge of SIEM and SOC practices to assess customer needs, provide tailored recommendations, and assist in the formulation of effective security strategies
• Collaborate closely with customers to understand their unique challenges and objectives, translating them into actionable steps that enhance their security posture
• Identify opportunities to enhance analyst alert handling through automation
• Foster collaboration with internal and external teams to drive product adoption
• Produce technical documentation detailing SIEM aspects of the engagement
• Occasionally travel to customer meetings and workshops (up to 10% of the time)

Your Experience

• Exceptional written and verbal communication and presentation skills, for both internal and external interactions
• 6+ years of hands-on experience in deploying and integrating SIEM solutions within enterprise to large enterprise-level environments
• Proficiency in coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring using SIEM platforms
• Ability to conceive and develop correlation and detection rules in SIEM systems to enable effective alerting
• Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar
• Proven experience in providing consultative services to end customers within the realm of cybersecurity, particularly in SIEM and SOC domains
• Demonstrated ability to comprehend customer requirements, analyze complex security environments, and deliver strategic recommendations that align with their goals
• Strong expertise in Regular Expressions (Regex)
• Skill in understanding logs and locating relevant third-party documentation when required
• Knowledge of generating reports on SIEM status, including metrics like logging source count, log collection rate, and other performance indicators
• Understanding of Security Analysis & Response, encompassing endpoint, network, and cloud-based environments is a plus
• Proficient in comprehending and creating technical design documentation
• 4 years of experience with Security Operations Centers (SOC) tooling and processes
• Relevant bachelor's degree or industry-recognized qualifications (CISSP, GIAC, SIEM Vendor Qualification, etc.), is a plus

All your information will be kept confidential according to EEO guidelines.

Being the cybersecurity partner of choice, protecting our digital way of life.

Your Impact

• Consult and guide customer on security best practices and act as Trusted Advisor for client on behalf of Palo Alto Networks
• Analyze logs and events from the solution and provide threat analysis reports, providing input and direction as applicable
• Build custom security policies and application signatures
• Interact with the Palo Alto Networks TAC to troubleshoot and diagnose cases
• Maintain the Palo Alto Networks solution and provide guidance on code upgrades, etc.
• Work with sales account team to help formulate technical strategy to address customer business needs
• Support direct manager in managing business needs through weekly reports and Quarterly Business Reviews

Your Experience

• 5+ years of IT–related experience
• 3+ years of cyber security–related experience
• Self–driven with ability to work autonomously
• Excellent written and verbal communication skills in Japanese as this position is required to work with Japanese–speaking clients on a daily basis – the ability to clearly articulate technical issues to both technical and non–technical audiences and to explain the impact in business terms to Sr leaders and technical peers
• Possess ability to read / write in English is mandatory – verbal communication in English is strongly preferred
• Required strong experience deploying and managing endpoint security products
• Required strong experience with Microsoft Windows based applications (Installation, troubleshooting, Debugging)
• Required strong experience with endpoint security. (Antivirus, EDR, DLP)
• Required experience with SOC operation (Malware analysis, Log analysis, Threat intelligence)
• Required experience with SOC automation (managing alert, automated playbooks)
• Detailed understanding of SIEM, log analysis and correlation analysis
• Ability to effectively manage many different tasks simultaneously
• Proven project leadership experience; ability to drive organizations and resources to complete required tasks in service of end goals

As threats and technology evolve, we stay in step to accomplish our mission. You'll be involved in implementing new products, transitioning from old products to new, and will fix integrations and critical issues as they are raised. But you won't wait for them to be raised, you'll seek them out, too. We fix and identify technical problems, with a pointed focus of providing the best customer support in the industry.

All your information will be kept confidential according to EEO guidelines.