Trellix/McAfee SIEM Consultant - Short Term Engagement
Remote
Job Id: 164216
Job Category:
Job Location: Remote
Security Clearance: No Clearance
Business Unit: Piper Companies
Division: Piper Enterprise Solutions
Position Owner: Ryan Lucas
Piper Companies is seeking a SIEM Engineer for a short-term contract supporting one of the largest network security organizations in the world. This role focuses on Trellix SIEM (Enterprise Security Manager / ESM) engineering, including log ingestion, correlation rule development, MITRE ATT&CK–aligned detections, and enterprise‑scale SIEM operations. Engagements will last 4-18 weeks.
Responsibilities of the SIEM Consultant:
- Engineer, configure, and optimize Trellix SIEM / ESM for enterprise‑scale monitoring and detection
- Design and maintain log ingestion pipelines and parsers across diverse security and infrastructure data sources
- Develop, tune, and optimize correlation rules and detection logic, aligned to MITRE ATT&CK and related frameworks
- Perform SIEM use‑case development to improve alert fidelity, reduce false positives, and enhance threat visibility
- Troubleshoot ingestion, parsing, correlation, and performance issues within Trellix ESM
- Maintain and support Linux‑based SIEM infrastructure and automation processes
- Collaborate with SOC analysts, engineers, and leadership to enable scalable, detection‑driven security operations
- Participate in a large‑scale SIEM deployment, ensuring stability, performance, and operational readiness
Qualifications of the SIEM Consultant:
- Hands‑on experience with Trellix SIEM / ESM (Enterprise Security Manager)
- Strong background in SIEM engineering, including log ingestion, correlation, and detection tuning
- Experience developing detections using MITRE ATT&CK and threat‑based modeling
- Strong Linux experience (administration, scripting, and troubleshooting)
- Working knowledge of Python scripting or automation to support SIEM operations and workflows
- Experience supporting enterprise or large‑scale SOC environments
Compensation for the SIEM Consultant:
- Rate: *based on experience*
Keywords:
Trellix SIEM, Trellix ESM, Enterprise Security Manager, SIEM Engineering, SIEM Consulting, Log Ingestion, Log Parsing, Parser Development, Data Source Configuration, Correlation Rule Development, Detection Engineering, MITRE ATT&CK, Threat‑Based Detection Modeling, Use Case Development, Alert Tuning, False Positive Reduction, Threat Visibility, Enterprise SIEM Operations, SIEM Performance Optimization, Linux Administration, Linux Troubleshooting, Linux‑Based Security Platforms, Python Scripting, SIEM Automation, SOC Operations, Large‑Scale SIEM Deployments, Security Event Monitoring, Incident Detection, Security Analytics, Threat Hunting Support, Enterprise Security Infrastructure, Short‑Term Consulting Engagements, contract, consulting, short-term