Sr Professional Services Architect

Office, AustraliaFull-timePosted Jul 1, 2026
Open original posting

Our Mission

At Palo Alto Networks®, we’re united by a shared mission—to protect our digital way of life. We thrive at the intersection of innovation and impact, solving real-world problems with cutting-edge technology and bold thinking. Here, everyone has a voice, and every idea counts. If you’re ready to do the most meaningful work of your career alongside people who are just as passionate as you are, you’re in the right place.

Who We Are

In order to be the cybersecurity partner of choice, we must trailblaze the path and shape the future of our industry. This is something our employees work at each day and is defined by our values: Disruption, Collaboration, Execution, Integrity, and Inclusion. We weave AI into the fabric of everything we do and use it to augment the impact every individual can have. If you are passionate about solving real-world problems and ideating beside the best and the brightest, we invite you to join us!

We believe collaboration thrives in person. That’s why most of our teams work from the office full time, with flexibility when it’s needed. This model supports real-time problem-solving, stronger relationships, and the kind of precision that drives great outcomes.

Job Summary

Your Career
As a Principal Professional Services Architect for Cortex XSIAM, you will serve as a senior technical and strategic leader, bridging complex service delivery with long-term customer success outcomes. In this hybrid role, you will spend your time delivering billable engagements such as data onboarding, correlation engineering, and automation design. You would partner with customers as their strategic advisor and architect, driving platform adoption, maturity, and measurable security outcomes.


You'll engage with CISOs, SOC leaders, and security engineering teams at some of our largest and most strategic customers to design scalable ingestion architectures, help customers evolve their detection strategy, and partner with them on SOC transformation initiatives. Your work will focus on co-creating solutions with customers — refining existing processes, aligning them with XSIAM capabilities, and providing best-practice recommendations to accelerate adoption and value realization.


Your Impact
Billable Engagements (~45%)
Architect and deliver data ingestion pipelines, ensuring telemetry from diverse sources (endpoint, network, cloud, identity) is normalized, high-quality, and aligned with best practices

Design and implement custom correlation logic detections to address customer-specific use cases, leveraging platform capabilities and reference content — not building detections from scratch

Advise on detection strategies by mapping customer threat models and operational needs to actionable detection use cases, ensuring alignment with Cortex's research-driven detection content

Review, refine, and recommend improvements to existing incident response workflows and automation playbooks, aligning them with XSIAM capabilities and industry best practices while respecting established customer processes

Mentor and enable customer SOC teams on alert triage optimization, enrichment strategies, and continuous detection tuning

Produce and deliver technical documentation, architecture diagrams, runbooks, and operational guides that support ongoing SOC operations

Conduct workshops and hands-on sessions to transfer knowledge and upskill customer teams on the effective use of XSIAM.

Principal Customer Success Architect (~55%)
Serve as a trusted advisor to CISOs, SOC Directors, and security engineering leaders, shaping their long-term XSIAM adoption strategy and architecture roadmap

Lead architecture design sessions, maturity assessments, and strategic workshops to translate business objectives into actionable technical plans

Design and deliver reference architectures, best-practice frameworks, and operational blueprints in collaboration with customer teams, enabling them to evolve and sustain their SOC capabilities

Provide strategic recommendations to enhance SOC maturity, including ingestion strategies, detection priorities, automation approaches, and operational workflows

Identify opportunities for optimization, automation, and expansion within the customer environment, guiding them toward continuous improvement and advanced use of XSIAM features

Act as the technical escalation point and strategic liaison across customer, product, and internal engineering teams to ensure platform adoption and success metrics are achieved

Capture and relay customer feedback to internal product and engineering teams, influencing roadmap priorities and feature evolution.

Qualifications

Your Experience 10+ years in Security Operations, SIEM, detection engineering, or related roles, with at least 4+ years in an architecture, advisory, or leadership capacity Proven experience leading enterprise-scale SOC or SIEM transformation projects from design to operationalization Deep expertise in SIEM platforms (Cortex XSIAM, Splunk, QRadar, Sentinel, etc.) and security analytics methodologies Strong background in log ingestion, normalization, enrichment, correlation engineering, and detection strategy design Experience designing or improving automation workflows, SOAR integrations, and response playbooks based on existing operational processes Strong consultative skills and experience engaging directly with executive stakeholders to align security strategies with business goals Hands-on knowledge of threat hunting, detection engineering, and SOC optimization practices Proficiency with Regex, log parsing, and telemetry schema design Familiarity with MITRE ATT&CK, NIST CSF, and SOC maturity models Exceptional communication and presentation skills, with the ability to translate complex technical topics for technical and non-technical audiences Bachelor's degree in a relevant field or equivalent experience; certifications such as CISSP, GIAC, or SIEM vendor credentials are preferred.

Our Commitment

We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at  accommodations@paloaltonetworks.com.

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.

Is role eligible for Immigration Sponsorship?: Yes

Want jobs like this matched to you?

Swoopd scores fresh postings against your résumé so you only see the matches that matter.

Get started free