Senior SIEM Engineer

Keeper Security is hiring an experienced Senior SIEM Engineer to design, scale, and maintain Keeper’s enterprise observability and security telemetry platform. This is a 100% remote position, with an opportunity to work a hybrid schedule for candidates based in the El Dorado Hills, CA or Chicago, IL metro area.

Keeper’s cybersecurity software is trusted by millions of people and thousands of organizations, globally. Keeper is published in 21 languages and is sold in over 120 countries. Join one of the fastest-growing cybersecurity companies and bring your IL5 DevOps expertise to mission-critical work.

About Keeper

Keeper Security is transforming cybersecurity for organizations around the world with next-generation privileged access management. Keeper’s zero-trust and zero-knowledge cybersecurity solutions are FedRAMP and StateRAMP Authorized, FIPS 140-2 validated, as well as SOC 2 and ISO 27001 certified. Keeper deploys in minutes, not months, and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance. Trusted by thousands of organizations to protect every user on every device, Keeper is the industry leader for best-in-class password management, secrets management, privileged access, secure remote access and encrypted messaging. Learn more at KeeperSecurity.com.

About the Job

As a Senior SIEM Engineer, you’ll own the architecture and ongoing optimization of Keeper’s SIEM platform. You’ll ensure real-time visibility, reliable telemetry, and security observability across all environments cloud, on-premises, and SaaS. This role goes beyond traditional SOC operations; you’ll enable every function in the business to gain actionable insights through a unified, high-fidelity telemetry ecosystem.

Responsibilities

• Architect, deploy, and maintain a scalable, multi-tenant SIEM platform for security and operational use cases

• Design and manage data ingestion pipelines from diverse sources, including infrastructure, cloud services, SaaS, and endpoints

• Build and maintain integrations with enterprise tools such as EDR, SOAR, ITSM, CRM, and CI/CD systems

• Develop automation for log collection, normalization, enrichment, and correlation

• Tune and optimize correlation rules, dashboards, and detections to maximize context and minimize noise

• Partner with Security and SOC teams to enhance threat detection, incident response, and forensic capabilities

• Collaborate with DevOps, Engineering, and NOC teams to improve performance monitoring, uptime, and observability

• Support IT and Helpdesk with visibility into authentication, endpoint, and user activity data

• Enable Sales and Customer Success with security posture metrics and operational reporting

• Ensure SIEM architecture supports audit, compliance, and risk frameworks such as SOC 2, ISO 27001, HIPAA, and PCI DSS

• Define and enforce data retention, access control, and classification policies

• Mentor junior engineers and analysts on detection engineering and observability best practices

• Promote adoption of the SIEM platform as a shared service across all departments

Requirements

• 6+ years of experience in cybersecurity, IT operations, or DevOps, with at least 3 years administering or architecting SIEM platforms

• Deep understanding of log management, correlation, and alerting principles

• Hands-on experience with one or more enterprise SIEMs — Splunk, Microsoft Sentinel, Elastic, Exabeam, QRadar, or DataDog

• Strong scripting and automation skills using Python, PowerShell, or REST APIs

• Familiarity with modern cloud and container platforms (AWS, Azure, GCP)

• Ability to work cross-functionally and translate operational data into actionable insights

• Excellent problem-solving, communication, and documentation skills

Preferred Qualifications

• Certifications such as Splunk Certified Architect, Microsoft Sentinel Engineer, GIAC GCDA/GCIH, or AWS Security Specialty

• Experience building shared data pipelines and multi-tenant dashboards

• Exposure to business data integration (CRM, ticketing, or SaaS telemetry)

• Background in automation, observability, or detection content development

• Bachelor’s degree in Computer Science, Cybersecurity, or related field, or equivalent experience

Benefits

• Medical, Dental & Vision (inclusive of domestic partnerships)

• Employer Paid Life Insurance & Employee/Spouse/Child Supplemental life

• Voluntary Short/Long Term Disability Insurance

• 401K (Roth/Traditional)

• A generous PTO plan that celebrates your commitment and seniority (including paid Bereavement/Jury Duty, etc)

• Above market annual bonuses

Keeper Security, Inc. is an equal opportunity employer and participant in the U.S. Federal E-Verify program. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Classification: Exempt