SIEM Engineer - Remote

Overview

We are seeking for client a highly skilled and experienced SIEM Engineer with 5-8 years of hands-on experience working on Security Information and Event Management (SIEM) tools such as QRadar, Splunk, Microsoft Sentinel, Elastic Stack (Elasticsearch, Logstash, Kibana), and other SIEM platforms.

In Short

• Design, deploy, and configure SIEM solutions.
• Integrate various log sources into the SIEM platform.
• Develop and fine-tune correlation rules, dashboards, and alerts.
• Perform system upgrades, patches, and manage the overall health of the SIEM environment.
• Ensure proper log ingestion from multiple data sources.
• Maintain data retention policies and optimize SIEM performance.
• Monitor and analyze system and security logs for anomalies.
• Configure and maintain Elasticsearch clusters.
• Create custom dashboards and reports for security monitoring.
• Work with Logstash for effective data parsing.

Requirements

• 5-8 years of experience in SIEM tools.
• Hands-on experience with QRadar, Splunk, Microsoft Sentinel, and Elastic Stack.
• Strong understanding of log management and monitoring.
• Experience in configuring and maintaining Elasticsearch and Kibana.
• Ability to troubleshoot logging issues.
• Knowledge of data retention policies.
• Experience in threat detection and incident response.
• Strong analytical skills.
• Excellent communication and collaboration skills.
• Ability to work in a fast-paced environment.

Benefits

• Opportunity to work with a globally distributed team.
• Engagement in diverse IT projects.
• Professional growth and development opportunities.
• Collaborative work environment.
• Competitive salary and benefits.