Senior Cyber Security Engineer - SIEM and Automation

Corebridge Financial
Jersey City, NJ (Hybrid)

About The Position

At Corebridge Financial, we are seeking a highly skilled Senior Cyber Security Engineer - SIEM and Automation to lead and enhance our detection engineering capabilities. This role is responsible for developing high-fidelity use cases, optimizing logging strategies, integrating security tools, and tuning alerts to improve signal-to-noise ratio. You will work closely with Security Operations, Threat Intelligence, and Engineering teams to ensure our SIEM platform delivers actionable insights and supports rapid incident detection and response.

Requirements

  • Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience)
  • 3–7+ years of experience in SIEM engineering, detection engineering, or security operations
  • Hands-on experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar, Elastic)
  • Strong understanding of log sources (Windows, Linux, cloud platforms, network devices)
  • Experience with query languages (e.g., SPL, KQL, Lucene, SQL)
  • Knowledge of MITRE ATT&CK framework and adversary tactics/techniques
  • Experience onboarding and parsing diverse data sources

Nice To Haves

  • Experience with SOAR platforms and security automation
  • Familiarity with cloud environments (AWS, Azure, GCP) and their native logging tools
  • Scripting or programming skills (Python, PowerShell, etc.)
  • Experience with detection-as-code and version control practices
  • Security certifications (e.g., GCIA, GCIH, CISSP, Splunk Certified, Microsoft SC-200)

Responsibilities

  • Design, develop, and maintain SIEM detection use cases aligned with MITRE ATT&CK and threat intelligence
  • Translate threat scenarios into actionable detection logic and correlation rules
  • Continuously improve detection coverage through gap analysis and adversary simulation insights
  • Define and implement logging requirements across cloud, endpoint, network, and application layers
  • Analyze log sources to ensure data quality, normalization, and completeness
  • Identify gaps in telemetry and recommend improvements to enhance visibility
  • Integrate new data sources into the SIEM (e.g., EDR, IAM, firewall, SaaS platforms)
  • Work with engineering teams to onboard logs using APIs, agents, and log pipelines
  • Ensure proper parsing, enrichment, and normalization of ingested data
  • Reduce false positives through continuous alert tuning and threshold optimization
  • Implement risk-based alerting and prioritization strategies
  • Collaborate with SOC analysts to refine detection logic based on incident feedback
  • Maintain and optimize SIEM performance, scalability, and cost efficiency
  • Develop dashboards, reports, and visualizations for operational and leadership insights
  • Support automation and orchestration efforts with SOAR integrations where applicable
  • Partner with Threat Intelligence to operationalize indicators and emerging threats
  • Support incident response investigations with log analysis and detection enhancements
  • Stay current with evolving attack techniques and detection methodologies

Benefits

  • Medical insurance
  • Dental insurance
  • Vision insurance
  • Mental health support
  • Wellness initiatives
  • 401(k) Plan with Company matching contribution of up to 6% of eligible pay
  • Company contribution equal to 3% of eligible pay
  • Employee Assistance Program
  • Matching charitable donations up to $5,000
  • Volunteer Time Off (up to 16 hours annually)
  • Paid Time Off (at least 24 days)