SIEM Architect Engineering Lead

Level

The SIEM Engineering Manager is a senior leadership role within the Cyber Defense Center (CDC) responsible for the technical direction, operational governance, and delivery assurance of SIEM and SOAR capabilities. This role bridges engineering, automation, and AI innovation to support a self-driving, SLA-bound, and AI-augmented SOC.

1. Lead a cross-functional team of SIEM Engineers, SOAR Developers, Automation Leads, Content Writers, and GenAI Developers 2. Define and track delivery KPIs, SLAs, and transformation milestones across all engineering functions 3. Ensure 24x7 operational readiness and L3-level support coverage, including weekends 4. Ensure ingestion pipelines, correlation rules, and detection logic are aligned with threat models and compliance requirements 5. Govern platform health, scalability, and integration with XDR, DLP, and EDR tools 6. Direct the development of playbooks in Azure Logic Apps and other SOAR platforms 7. Collaborate with the Automation Lead to drive hyper-automation and reduce MTTR through intelligent workflows 8.Ensure playbooks are modular, scalable, and aligned with incident response procedures 9. Guide the GenAI Developer in embedding AI agents into SOC workflows for predictive analytics, RCA generation, and incident summarization 10. Oversee the Content Writer in documenting use cases, playbooks, and detection logic 11. Promote the use of Copilot prompts and KQL-based automation in Smart L2 operations 12. Participate in governance forums and transformation workshops with client stakeholders 13. Support audit, compliance, and risk management initiatives by ensuring traceability and documentation of all engineering activities 14. Act as an escalation point for critical incidents and influence OEMs for rapid resolution

Tool / Technology:
MS Sentinel