Senior SIEM Engineer

Keeper Security, Inc. - El Dorado Hills, CA

About The Position

Keeper Security is hiring an experienced Senior SIEM Engineer to design, scale, and maintain Keeper’s enterprise observability and security telemetry platform. This is a 100% remote position, with an opportunity to work a hybrid schedule for candidates based in the El Dorado Hills, CA or Chicago, IL metro area. Keeper’s cybersecurity software is trusted by millions of people and thousands of organizations globally. Keeper is published in 21 languages and is sold in over 120 countries. Join one of the fastest-growing cybersecurity companies and bring your IL5 DevOps expertise to mission-critical work.

Requirements

  • 6+ years of experience in cybersecurity, IT operations, or DevOps, with at least 3 years administering or architecting SIEM platforms
  • Deep understanding of log management, correlation, and alerting principles
  • Hands-on experience with one or more enterprise SIEMs — Splunk, Microsoft Sentinel, Elastic, Exabeam, QRadar, or DataDog
  • Strong scripting and automation skills using Python, PowerShell, or REST APIs
  • Familiarity with modern cloud and container platforms (AWS, Azure, GCP)
  • Ability to work cross-functionally and translate operational data into actionable insights
  • Excellent problem-solving, communication, and documentation skills

Nice To Haves

  • Certifications such as Splunk Certified Architect, Microsoft Sentinel Engineer, GIAC GCDA/GCIH, or AWS Security Specialty
  • Experience building shared data pipelines and multi-tenant dashboards
  • Exposure to business data integration (CRM, ticketing, or SaaS telemetry)
  • Background in automation, observability, or detection content development
  • Bachelor’s degree in Computer Science, Cybersecurity, or related field, or equivalent experience

Responsibilities

  • Architect, deploy, and maintain a scalable, multi-tenant SIEM platform for security and operational use cases
  • Design and manage data ingestion pipelines from diverse sources, including infrastructure, cloud services, SaaS, and endpoints
  • Build and maintain integrations with enterprise tools such as EDR, SOAR, ITSM, CRM, and CI/CD systems
  • Develop automation for log collection, normalization, enrichment, and correlation
  • Tune and optimize correlation rules, dashboards, and detections to maximize context and minimize noise
  • Partner with Security and SOC teams to enhance threat detection, incident response, and forensic capabilities
  • Collaborate with DevOps, Engineering, and NOC teams to improve performance monitoring, uptime, and observability
  • Support IT and Helpdesk with visibility into authentication, endpoint, and user activity data
  • Enable Sales and Customer Success with security posture metrics and operational reporting
  • Ensure SIEM architecture supports audit, compliance, and risk frameworks such as SOC 2, ISO 27001, HIPAA, and PCI DSS
  • Define and enforce data retention, access control, and classification policies
  • Mentor junior engineers and analysts on detection engineering and observability best practices
  • Promote adoption of the SIEM platform as a shared service across all departments

Benefits

  • Medical, Dental & Vision (inclusive of domestic partnerships)
  • Employer Paid Life Insurance & Employee/Spouse/Child Supplemental life
  • Voluntary Short/Long Term Disability Insurance
  • 401K (Roth/Traditional)
  • A generous PTO plan that celebrates your commitment and seniority (including paid Bereavement/Jury Duty, etc.)
  • Above market annual bonuses