Key skills
AWSAzureCloudCyber SecurityGoogle Cloud PlatformPythonSplunkBashPowerShellGCPGoogle CloudCloud Security
About this role
Role Overview
- Lead technical deliverables for SIEM implementation and operations including Microsoft Sentinel, Google SecOps, Palo Alto XSIAM, and Devo
- Perform Proof of Concept (PoC) and Proof of Value (PoV) engagements
- Conduct SIEM assessments to identify gaps and recommend improvements
- Develop and maintain data pipelines for log ingestion, normalization, and enrichment
- Integrate log sources using connectors, custom scripts, and parsers
- Build use cases aligned with NIST and MITRE ATT&CK frameworks
- Implement detection rules using SPL/KQL
- Develop dashboards, alerts, and workbooks
- Collaborate with cross-functional teams including SOC and threat hunters
Requirements
- Bachelor's degree in computer science, Cybersecurity, or related field
- Minimum 3 years of experience in SIEM implementation and security operations
- Hands-on experience with Microsoft Sentinel, Google SecOps, Palo Alto XSIAM, Devo, and Splunk
- Strong understanding of SIEM architecture, implementation, integration, log management, and threat detection methodologies
- Proficiency in scripting languages such as Python, PowerShell, and Bash
- Experience with cloud platforms including Azure, GCP, and AWS
- Knowledge of data pipeline tools including Cribl
- Familiarity with REST APIs, JSON, and integration of third-party security tools
- Certifications such as Microsoft Certified: Security Operations Analyst Associate, SC-200, AZ-500, Google Professional Cloud Security Engineer, CISSP, CISM, GIAC are preferred
Tech Stack
- AWS
- Azure
- Cloud
- Cyber Security
- Google Cloud Platform
- Python
- Splunk
Benefits
- Competitive compensation
- Variable incentive pay programs
- Continuous development environment