Remotery

SIEM Engineer

Posted May 14

This is a fully remote position, open to applicants in India.

📋 Description

• Configure, oversee, and maintain SIEM platforms to ensure efficient log collection, event correlation, and alerting systems.

• Design, implement, and enhance use cases, correlation rules, and threat detection playbooks to identify and address security threats in real time.

• Conduct initial triage, analysis, and investigation of security alerts and incidents, escalating critical matters to senior SOC members as necessary.

• Integrate various log sources (e.g., firewalls, IDS/IPS, endpoints, cloud platforms like AWS/Azure) into the SIEM system and ensure seamless data ingestion.

• Continuously optimize and adjust SIEM alerts to minimize false positives and enhance the accuracy of threat detection.

• Collaborate closely with SOC analysts, incident response teams, and other IT/security teams to coordinate threat mitigation and remediation activities.

• Produce detailed reports on SIEM performance, incident metrics, and security trends, while maintaining comprehensive documentation of processes and procedures.

• Integrate threat intelligence feeds into SIEM systems to improve detection capabilities and stay informed about emerging threats.

• Develop scripts (e.g., Python, PowerShell) to automate repetitive tasks and enhance SOC operational efficiency.

• Stay informed on the latest cybersecurity trends, SIEM technologies, and attack vectors to bolster SOC capabilities.


⛳️ Requirements

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

• 4-5 years of experience in cybersecurity, with a minimum of 2 years focused on SIEM administration and management.

• Hands-on experience with SIEM platforms such as Sentinel, Splunk, IBM QRadar, ArcSight, or LogRhythm.

• Previous experience in a Security Operations Center (SOC) environment is highly advantageous.

• Proficient in SIEM architecture, data collection, and event correlation.

• Knowledgeable in network security, firewalls, IDS/IPS, and endpoint detection and response (EDR) tools.

• Familiar with cloud security platforms (e.g., AWS, Azure, Google Cloud) and their integration with SIEM.

• Proficient in scripting with Python, PowerShell, or similar languages for automation purposes.

• Understanding of TCP/IP, network protocols, and enterprise network security technologies.

• Strong analytical and problem-solving abilities to identify and mitigate complex security threats.

• Excellent communication skills for reporting, documentation, and collaboration with cross-functional teams.


🏝️ Benefits

• Health insurance

• Retirement plans

• Paid time off

• Flexible work arrangements

• Professional development
