Platform SIEM Engineer II
About The Position
The Platform SIEM Engineer II’s primary goal is to provide expert production support for the Deepwatch managed security service offerings. Platform SIEM Engineers are responsible for the configuration, operation, and optimization of all SIEM systems and resources within Deepwatch. This position is ideal for candidates with experience in SIEM administration, systems engineering, or security operations who are ready to operate more independently in a fast-paced environment. The role provides hands-on experience supporting modern, cloud-native SIEM platforms at scale, working alongside senior Platform SIEM and Detection Engineers to onboard data sources, maintain platform health, troubleshoot data pipeline issues, and ensure our customers’ operational and security data is flowing, searchable, and reliable. Candidates must display aptitude and ability to manage a multitude of technology solutions in a fast paced environment. Candidates must also offer informed solutions or recommendations based on the understanding of the issue in front of them. This position is virtual / remote working from a home office unless traveling to a corporate office or client site.
Requirements
- 2+ years of experience in SIEM administration, security operations, or a related field.
- Hands-on experience with at least one SIEM platform such as Splunk, Microsoft Sentinel, Google SecOps, Securonix, CrowdStrike NG SIEM, or Palo Alto XSIAM
- Understand log data pipelines, parsing, normalization, and troubleshooting methodologies.
- Are comfortable administering and troubleshooting Linux and Windows systems
- Have experience working with cloud platforms such as AWS, Azure, or GCP
- Can independently troubleshoot operational issues and manage competing priorities
- Communicate clearly with both technical and non-technical audiences
- Maintain strong documentation and operational discipline in a fast-paced environment
- Have scripting experience in Python, Bash, or PowerShell
- Have experience with AWS, Azure, or GCP
- Hold relevant security or cloud certifications
Responsibilities
- Provide first line support of production impacting issues before engaging additional resources
- Monitor, manage, and optimize SIEM platform performance, which includes but are not limited to: Splunk, Google SecOps, Microsoft Sentinel, Securonix, CrowdStrike NG SIEM, Palo Alto XSIAM
- Maintain, manage, and troubleshoot log collection solutions running on Linux and Windows systems supporting data pipelines into SIEM platforms.
- Identify and remediate critical log ingest gaps to support continuous security monitoring
- Communicate with leadership and support roles (internal and external)
- Manage ticket request/incident statuses and provide timely follow up to internal and external customers
- Participate in projects/initiatives as needed
- Document network architectures and topologies
- Keep up-to-date with information security news, techniques, and trends
Benefits
- Medical, dental, vision, and disability insurance
- Flexible Time Off (FTO), 12 company holidays, sick leave and 8-Weeks Paid Parental Leave
- Unique professional development benefits with Annual “development dollars” to support our people growth and development
- Wellness contests and monthly educational programs
- 401(K) retirement program
- stock options
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
