GuidePoint SecurityRemote
Senior SIEM Developer/Engineer - Northeast region (Remote)
United States of America
Full Time
3 hours ago
No H1B
Key skills
PythonBashPowerShellAnalyticsKafkaAWSAzureGCPSplunkLogstash
About this role
GuidePoint Security is a trusted cybersecurity provider that helps organizations minimize risk through expert solutions and services. They are seeking a Senior SIEM Developer/Engineer to lead the design, implementation, and optimization of SIEM systems and observability pipelines, collaborating with various teams to enhance security monitoring and incident response capabilities.
Responsibilities:
- Architect, implement, and maintain SIEM solutions with a focus on modern platforms including:
- Design and manage log ingestion pipelines using tools such as Cribl Stream, Edge, or Search (or similar)
- Optimize data routing, enrichment, and filtering to improve SIEM efficiency and cost control
- Collaborate with cybersecurity, DevOps, and cloud infrastructure teams to integrate log sources and telemetry data
- Develop custom parsers, dashboards, correlation rules, and alerting logic for security analytics and threat detection
- Maintain and enhance system reliability, scalability, and performance of logging infrastructure
- Provide expertise and guidance on log normalization, storage strategy, and data retention policies
- Lead incident response investigations and assist with root cause analysis leveraging SIEM insights
- Mentor junior engineers and contribute to strategic security monitoring initiatives
Requirements:
- 5+ years of experience in security engineering, with a primary focus on SIEM platforms
- Hands-on experience with at least one of the following SIEM platforms: Splunk, Microsoft Sentinel, Elastic, Google SecOps / Chronicle, CrowdStrike NG-SIEM / LogScale, Palo Alto XSIAM, SentinelOne SIEM
- 2+ years of experience with Cribl or similar observability pipeline tools (e.g., Logstash, Fluentd, Kafka)
- Strong knowledge of log formats, data normalization, and event correlation
- Familiarity with detection engineering, threat modeling, and MITRE ATT&CK framework
- Proficiency with scripting (e.g., Python, PowerShell, Bash) and regular expressions
- Deep understanding of logging from cloud (AWS, Azure, GCP) and on-prem environments
- Bachelor's degree in a relevant discipline or equivalent professional experience