Norton HealthcareRemote
Senior SIEM Engineer, IS Security, Days, Fully Remote
United States
Full Time
1 hour ago
H1B Sponsor Likely
Key skills
SIEM platformsdetection engineeringsecurity log architectureKQLtroubleshootingAnalyticsMentoring
About this role
Norton Healthcare is advancing its security monitoring and detection capabilities, and they are seeking a Senior SIEM Engineer to lead the technical design, implementation, and optimization of SIEM ingestion pipelines. This role involves ensuring high-quality telemetry from log sources, mentoring junior staff, and contributing to the strategic direction of the SIEM platform.
Responsibilities:
- The Senior SIEM Engineer plays a key role in advancing Norton Healthcare’s security monitoring and detection capabilities
- This role leads the technical design, implementation and optimization of SIEM ingestion pipelines, analytics, enrichment and platform performance
- The engineer ensures that log sources provide high-quality telemetry, supports complex troubleshooting, and drives improvements to detection coverage in alignment with enterprise security objectives
- The engineer works alongside architects, SOC analysts, incident responders and platform owners; the Senior SIEM Engineer shapes ingestion standards, maintains analytic rule quality, and guides the evolution of the SIEM toward greater maturity, automation, and threat-informed capability
- This position also mentors junior staff and contributes to the strategic direction of the SIEM platform
Requirements:
- Minimum five years of experience in security engineering or SOC operations, with at least three years focused on SIEM platforms, detection engineering or security log architecture in enterprise environments
- Demonstrated experience with SIEM design, ingestion architecture, detection tuning, KQL or equivalent query languages, and cross-platform logging technologies, preferably in a hybrid on-prem/cloud environment
- Proven ability to troubleshoot complex ingestion failures, normalization issues, schema inconsistencies and data quality problems across distributed systems
- Experience supporting investigations, tuning detection logic and working directly with SOC, IR, and engineering teams on high-impact security events
- Bachelor degree in cybersecurity, information systems or equivalent experience
- Seven years of the above