Job Details
Revolutionizing protection.
Define what’s next in cybersecurity.
XSIAM Endpoint Engineer
Our Mission
At Palo Alto Networks®, we’re united by a shared mission—to protect our digital way of life. We thrive at the intersection of innovation and impact, solving real-world problems with cutting-edge technology and bold thinking. Here, everyone has a voice, and every idea counts. If you’re ready to do the most meaningful work of your career alongside people who are just as passionate as you are, you’re in the right place.
Who We Are
In order to be the cybersecurity partner of choice, we must trailblaze the path and shape the future of our industry. This is something our employees work at each day and is defined by our values: Disruption, Collaboration, Execution, Integrity, and Inclusion. We weave AI into the fabric of everything we do and use it to augment the impact every individual can have. If you are passionate about solving real-world problems and ideating beside the best and the brightest, we invite you to join us!
We believe collaboration thrives in person. That’s why most of our teams work from the office full time, with flexibility when it’s needed. This model supports real-time problem-solving, stronger relationships, and the kind of precision that drives great outcomes.
Job Summary
The Cortex XSIAM Endpoint Engineer is a specialized technical role within the Professional Services team. This individual will be a key player in the successful deployment and operationalization of Palo Alto Networks' Cortex XSIAM platform, with a specific focus on the endpoint security components. The role centers on migrating customers from existing Cortex XDR or third-party EDR solutions to XSIAM, managing agent deployment, and tuning endpoint security policies to help customers maximize the value of our AI-driven SOC platform.
This position requires a deep understanding of endpoint security (EDR/XDR), agent lifecycle management, and security policy configuration, combined with hands-on expertise in the Cortex XSIAM platform.
Your Impact
Endpoint Migration & Deployment:
Lead and execute the migration of endpoint agents from Cortex XDR or legacy EDR platforms to Cortex XSIAM.
Develop and implement a phased agent rollout plan to ensure a smooth transition with minimal disruption.
Create migration plans for moving agents and assist in updating the customer's architecture diagrams to reflect the new XSIAM endpoint traffic flow.
Perform agent compatibility checks against various endpoint OS versions and conduct pilot validations before mass rollouts.
Policy and Configuration Management:
Analyze the customer's existing XDR policies, profiles, and configurations to plan a successful migration to Cortex XSIAM.
Implement and fine-tune endpoint security policies, profiles, and exception rules within the XSIAM console to align with customer security objectives.
Manage global allow/block lists, exceptions, and other endpoint-specific configurations post-migration.
Recreate and apply configurations such as tags and exception profiles for different operating systems (e.g., Windows, Linux, macOS) in the unified XSIAM tenant.
Endpoint Health and Operationalization:
Ensure endpoint agents are healthy and managed centrally post-migration.
Collaborate with the customer's SOC and endpoint teams to tune alerts, validate security posture, and reduce alert fatigue.
Provide expert guidance on endpoint security best practices, including threat prevention, device control, and data loss prevention (DLP).
Customer Enablement and Project Success:
Act as the key technical endpoint resource within the project team, working alongside the XSIAM Lead Consultant, SIEM Engineer, and Project Manager.
Contribute to key project documents, including the Solution Design and As-Built documents, with a focus on endpoint architecture and configuration.
Participate in testing and pre-production activities to ensure a smooth go-live for all endpoint-related functions.
Assist in transitioning the customer to Business-As-Usual (BAU) operations and handing over to the appropriate long-term support teams.
Qualifications
Your Experience
Technical Skills:
Proven experience with endpoint security solutions (EDR/XDR), specifically with agent deployment, policy management, and troubleshooting.
Hands-on experience with Cortex XDR is highly desirable.
Direct experience with Cortex XSIAM, particularly in agent migration from XDR to XSIAM, is a strong plus.
Strong understanding of endpoint operating systems (Windows, Linux, macOS) and their security configurations.
Familiarity with SOC operations and how endpoint data is used for threat hunting, investigation, and response.
Knowledge of scripting for agent deployment and management is an asset.
Professional Attributes:
Experience in a customer-facing, consultative role, such as professional services, technical account management, or solutions architecture.
Strong analytical and problem-solving skills to navigate complex agent migration and policy-tuning challenges.
Excellent communication skills, with the ability to manage stakeholder expectations and collaborate effectively with customer endpoint teams.
Ability to work effectively as part of a distributed project team to drive successful customer outcomes.
Our Commitment
We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.
We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.
Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.
All your information will be kept confidential according to EEO guidelines.
Is role eligible for Immigration Sponsorship? No. Please note that we will not sponsor applicants for work visas for this position.