SIEM Engineer

About the role

We are looking for a SIEM Engineer to join our security operations team. The role focuses on maintaining, supporting and enhancing our security monitoring platforms to ensure timely detection and response to threats.

Key responsibilities

• Maintain and operate security solution platforms, including SIEM, SOAR and threat‑intel tools.
• Collaborate with the security team to understand use cases and develop playbooks.
• Identify improvement areas, create automation, and manage patching of security solutions.
• Perform day‑to‑day operational tasks, scheduled changes, troubleshooting and maintenance.
• Support vulnerability assessments and provide remediation guidance.
• Onboard new log sources, develop and maintain log parsers and data flows.
• Document technical procedures and share knowledge with peers.
• Act as a Subject Matter Expert to advise stakeholders and ensure project delivery.

Required profile

• Minimum 3 years of experience administering security solutions such as SIEM, SOAR, threat‑intel or log‑management platforms.
• Strong troubleshooting and analytical abilities.
• Basic project‑management skills and a positive, team‑oriented attitude.
• Passion for information security and a willingness to learn.
• Relevant certifications (e.g., SIEM Certified Administrator, SOAR Certified Administrator) are a plus.

Required skills

• SIEM platforms (e.g., Splunk, RSA)
• SOAR and threat‑intel platforms
• PowerShell scripting
• Bash scripting
• Regular expressions (regex)
• Automation and log‑parsing development
• Patch management and vulnerability assessment