About the Role:
We are seeking a highly skilled and experienced SIEM Architect to join our cybersecurity team. In this role, you will be responsible for designing, implementing, and optimizing Security Information and Event Management (SIEM) systems to enhance our organization's security posture. You will work closely with security operations, incident response, and other IT teams to ensure effective detection, analysis, and response to security threats across the organization.
We are unable to provide sponsorship at this time.
Key Responsibilities:
- Design & Architecture: Lead the design and implementation of SIEM solutions to meet the organization's security requirements and operational needs. Collaborate with cross-functional teams to ensure seamless integration of SIEM platforms with other security technologies and IT infrastructure.
- Implementation & Configuration: Oversee the installation, configuration, and deployment of SIEM solutions. Develop custom rules, use cases, and dashboards to optimize security monitoring and incident detection.
- Optimization & Tuning: Continuously optimize the SIEM platform to improve event correlation, reduce false positives, and enhance overall performance. Perform regular tuning of the SIEM to adapt to evolving threats and business needs.
- Incident Detection & Response: Work closely with security operations teams to monitor, analyze, and respond to security incidents using SIEM tools. Develop and maintain playbooks, workflows, and automated response procedures for security events.
- Training & Documentation: Provide training and guidance to security operations teams on SIEM platform usage, including best practices, troubleshooting, and advanced features. Document system configurations, policies, procedures, and incident response protocols.
- Continuous Improvement: Stay up-to-date with the latest trends in cybersecurity, SIEM technologies, and threat intelligence. Continuously improve the SIEM platform and security monitoring capabilities to stay ahead of emerging threats.
Qualifications:
- Education: Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. Relevant certifications are a plus (e.g., CISSP, CISM, or vendor-specific SIEM certifications).
- Experience: 5+ years of experience in IT security with a focus on SIEM technologies. Hands-on experience with leading SIEM platforms such as Splunk, IBM QRadar, ArcSight, or LogRhythm. Strong knowledge of security event log management, threat detection, and incident response. Familiarity with network security, endpoint security, and cloud security.
Technical Skills:
- Expertise in designing and configuring SIEM solutions.
- Proficiency in scripting languages (Python, PowerShell, etc.) for automation and custom rule creation.
- Experience with security frameworks and standards such as the NIST Cybersecurity Framework, ISO 27001, and PCI DSS.
- Strong understanding of security event log sources and formats (e.g., Syslog, Windows Event Logs, and SNMP traps).