SIEM Specialist

About the role

We are looking for an experienced SIEM Specialist to design, implement, manage, and optimize Security Information and Event Management platforms. The role will strengthen our security posture by delivering advanced threat detection, incident response support, and continuous monitoring.

Key responsibilities

• Deploy, configure, and manage SIEM platforms such as Splunk, IBM QRadar, Microsoft Sentinel, and Elastic SIEM.
• Develop and fine‑tune correlation rules, detection logic, and alerting mechanisms.
• Monitor security events, investigate alerts, and support incident response activities.
• Onboard log ingestion from network devices, endpoints, cloud platforms, and applications.
• Build dashboards, reports, and visualizations for security operations and leadership.
• Conduct threat‑hunting activities using SIEM data and external intelligence feeds.
• Collaborate with SOC analysts, incident responders, and security engineers to improve detection coverage.
• Maintain SIEM health, performance tuning, and storage optimization.
• Integrate SIEM with SOAR tools, threat‑intelligence platforms, and vulnerability‑management systems.
• Ensure compliance with frameworks such as NIST, ISO 27001, SOC 2, or HIPAA.
• Document procedures, playbooks, and detection‑engineering standards.

Required profile

• Bachelor’s degree in Cybersecurity, Computer Science, IT, or equivalent experience.
• 5+ years of hands‑on experience in SIEM administration, security operations, or SOC environments.
• Strong experience with at least one major SIEM platform (Splunk, QRadar, Sentinel, Elastic, etc.).
• Solid understanding of log formats, parsing, normalization, and data onboarding.
• Experience with threat‑detection engineering and rule development.
• Knowledge of TCP/IP networking, firewalls, IDS/IPS, VPNs, and cloud security (AWS, Azure, or GCP).
• Familiarity with the MITRE ATT&CK framework and threat modeling.

Required skills

• Splunk
• IBM QRadar
• Microsoft Sentinel
• Elastic SIEM
• Correlation rule development
• Log ingestion and normalization
• Threat hunting
• SOAR integration
• Threat intelligence platforms
• Vulnerability management systems
• NIST, ISO 27001, SOC 2, HIPAA compliance
• TCP/IP, firewalls, IDS/IPS, VPNs
• AWS, Azure, GCP
• MITRE ATT&CK framework

What we offer

• Competitive base salary
• Flexible work model: hybrid, remote, or in‑office
• Real growth opportunities and visibility with leadership
• A people‑first, purpose‑driven culture that invests in employee success