SIEM Engineer

About The Position

Requirements

• Experience in SIEM engineering, cybersecurity operations, or data analytics
• Strong hands-on experience with Securonix SIEM, including rule creation, log ingestion, and dashboard development
• Proficiency in SQL, Python, Splunk, Elastic Stack, or other data analytics tools
• Experience with threat detection techniques, behavioral analytics, and machine learning in security
• Familiarity with cloud security monitoring (AWS, Azure, GCP) and integration with SIEM solutions
• Knowledge of MITRE ATT&CK, UEBA (User Entity Behavior Analytics), insider threat detection, and fraud prevention
• Strong understanding of log management, data correlation, and incident response frameworks

Nice To Haves

• Certifications such as SANS GIAC, CISSP, CEH, or Securonix certifications are a plus
• Experience working in the financial sector with a focus on fraud prevention, insider risk, or compliance monitoring
• Knowledge of big data platforms (Hadoop, Spark, Snowflake) and automation tools (SOAR, Python scripting, APIs)
• Ability to work with large datasets and build predictive models for security insights

Responsibilities

• Configure, deploy, and maintain the Securonix SIEM platform
• Develop and fine-tune correlation rules, use cases, and behavioral analytics
• Manage log ingestion pipelines and optimize data collection from various sources
• Troubleshoot performance issues, integrations, and data processing pipelines within Securonix
• Develop data models, analytics dashboards, and reports
• Collaborate with Insider Threat analysts, threat hunters, and fraud teams to investigate security incidents
• Automate alert triage processes and enhance SIEM workflows
• Assist in root cause analysis and remediation efforts for complex security threats
• Ensure SIEM configurations align with regulatory requirements
• Maintain documentation of use cases, data flows, and SIEM policies
• Identify opportunities to improve log ingestion, data normalization, and system scalability