We are seeking an experienced Staff SIEM Engineer to join our cybersecurity team. As our Staff SIEM Engineer, you will be responsible for designing, implementing, optimizing, and overseeing our organization's security information and event management (SIEM) platform.

Responsibilities:

• Architect, deploy, and administer the SIEM platform (Splunk, Elastic, etc.)
• Collect and integrate logs from various systems and devices into the SIEM
• Develop and maintain use cases, correlation rules, and analytics to detect security threats and anomalies
• Ensure use case integrity and deployment status
• Create and customize SIEM dashboards, alerts, and reports to provide visibility into security events and data
• Tune SIEM to reduce false positives and highlight critical threats
• Conduct threat hunting, incident investigations, and forensic analysis leveraging the SIEM
• Collaborate with security analysts and IT teams to optimize SIEM capabilities
• Make recommendations for improving SIEM coverage and capabilities
• Stay current with cybersecurity threats, SIEM best practices, and new security technologies

Requirements:

• 5+ years of hands-on experience with SIEM deployment, configuration, and management
• Proficiency with SIEM platforms like Splunk, Elastic, QRadar, or similar
• Experience with log analysis, correlation, statistical analysis, and knowledge of threat intelligence
• Strong understanding of networking, operating systems, and cloud infrastructure
• Experience with IaaC technologies like Terraform, Puppet, Ansible; or similar
• Ability to communicate technical information clearly to both technical and non-technical audiences
• Strong problem solving and critical thinking skills