SIEM Engineer

Blank, United States | The Talent Source Inc | Full time

Job Description

We have partnered with a global client in the search for a skilled SIEM Engineer with expertise in LogScale, Splunk, and Cribl to join their dynamic team. As a SIEM Engineer, you will play a critical role in enhancing our security infrastructure and ensuring the effective operation of our Security Information and Event Management (SIEM) system.

Your responsibilities will span engineering, optimization, and incident resolution, focusing primarily on:

• Engineering and Security Documentation Maintenance: Creating and maintaining comprehensive engineering and security documentation related to SIEM architecture, configurations, and processes.

• SIEM System Optimization: Collaborating with customers to fully optimize the capabilities of our SIEM system, leveraging audit and logging features from event log sources.

• Incident Investigation and Defect Resolution: Investigating security incidents, identifying defects, and delivering resolutions through the engineering process into the production environment without impacting live services.

• Security Engineering Support: Providing support for security engineering requirements during projects, transitions, and transformations.

• Log Source Onboarding and Parsing: Onboarding new log sources into the SIEM system, ensuring correct parsing and normalization.

• Correlation Searches: Developing and maintaining correlation searches to detect patterns and anomalies across log data.

• Performance Tuning: Optimizing SIEM performance by fine-tuning configurations and rules.

• Log Source Monitoring: Monitoring log sources and the log pipeline to ensure data integrity and timely processing.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or related field.

• Experience with LogScale, Splunk, and Cribl is essential.

• Strong understanding of SIEM concepts, log management, and security event correlation.

• Proficiency in scripting (e.g., Python, PowerShell) for automation and customization.

• Familiarity with network protocols, security frameworks, and threat intelligence.

• Excellent problem-solving skills and attention to detail.

• CISSP, CEH, or other relevant certifications are a plus.

• Strong understanding of Azure security monitoring.

• Strong understanding of Windows Event monitoring.

• Experience with AWS and GCP security monitoring.

• Minimum 5 years of IT experience within a large enterprise environment.

If you thrive in a fast-paced environment, enjoy tackling complex security challenges, and have a passion for continuous improvement, we encourage you to apply for this exciting opportunity.