SIEM Engineer III

Role Summary:

The SIEM Engineer III is a hands-on role within the Professional Services team, responsible for architecting, planning, implementing, and operationalizing SIEM platforms for customers. This role involves designing secure data flows, deploying collectors and agents, creating dashboards, connectors, and content, integrating SOAR solutions, and training customers for successful adoption. The position requires strong technical expertise in SIEM, scripting, and cybersecurity best practices.

Key Responsibilities:

• Lead end-to-end SIEM implementation and integrations in customer environments.
• Understand customer requirements and threat landscape to develop tailored use cases.
• Deploy collectors and agents for on-premises and cloud data collection.
• Design secure data flows into the Securonix cloud following industry best practices.
• Develop dashboards, data models, use cases, and connectors to support custom requirements.
• Troubleshoot network and infrastructure issues during data onboarding.
• Integrate SOAR solutions for response orchestration.
• Train and enable customers and partners for effective platform adoption.

Minimum Requirements:

• 5+ years of experience in information security and SIEM solutions.
• Strong knowledge of SIEM tools such as Splunk, Qradar, ArcSight, LogRhythm, Exabeam.
• Understanding of MITRE ATT&CK framework, kill chains, and attack models.
• Strong scripting skills in Python and PowerShell.
• Industry certifications such as CISSP or CISM.
• Excellent communication and customer-facing experience.

Preferred:

• Experience with UEBA deployment and machine learning in cybersecurity.
• Knowledge of cloud platforms (AWS, Azure, Google Cloud).
• Understanding of log collection methodologies and Hadoop ecosystem.
• Experience with endpoint security, host-based intrusion detection, and network forensics tools.