SIEM Architect/Engineer

About The Position

Requirements

• You have 5–7 years of experience architecting, deploying, and optimizing SIEM platforms in enterprise environments.
• You’ve worked hands-on with modern SIEM tools like Cribl, Splunk, AWS, Snowflake, and Databricks, and know how to tailor them to complex environments.
• You understand security telemetry deeply—logs from firewalls, endpoints, cloud services, identity providers, and applications are second nature to you.
• You automate and integrate with ease using Python, Bash, and Terraform, streamlining workflows and boosting efficiency.
• You engineer log pipelines, normalize and enrich data, and ensure it’s ready for analysis and detection.
• You communicate clearly and consult effectively, translating technical requirements into business outcomes that matter.
• You’re familiar with MITRE ATTACK, and skilled in detection engineering and threat hunting methodologies.
• You have a strong background in cloud security and DevSecOps, and know how to embed security into every stage of development.

Responsibilities

• Architect, build, and implement scalable and resilient SIEM solutions tailored to customer requirements.
• Leverage modern technologies such as Splunk, Cribl, Snowflake, Databricks and AWS-native services to build advanced detection and investigation capabilities.
• Analyze and normalize diverse security log sources to ensure comprehensive visibility and actionable insights.
• Collaborate with customers to understand their security operations needs and develop tailored SIEM strategies and roadmaps.
• Enable customers to fine-tune detection logic, correlation rules, and alerting mechanisms for maximum effectiveness and minimal noise.
• Integrate platforms with broader security ecosystems including SOAR, EDR, threat intelligence, and cloud-native tools.
• Build and maintain system health checks, high availability configurations, and log pipeline reliability.
• Stay current with emerging threats, SIEM technologies, and industry trends to continuously evolve detection and response strategies.
• Provide expert-level troubleshooting and resolution support for complex SIEM-related issues and performance bottlenecks.

Benefits

• In addition to a highly competitive base salary, per plan guidelines, restrictions and vesting requirements, you also will be eligible for an individual annual performance bonus, plus Capital’s annual profitability bonus plus a retirement plan where Capital contributes 15% of your eligible earnings.