Jobs · himalayas

T

Security Information and Event Management (SIEM) Engineer

Aperture Cloud · Australia, Canada, Germany, India, United Kingdom, United States · Posted 34d ago

remoteseniorEstimated 100k-231k USD
Apply on himalayas

About the role

About us: Aperture Cloud is a leading recruitment and software development company. Our diverse, globally distributed team provides IT recruitment, outstaffing, outsourcing, software development, and different consulting services with a primary focus on making our partners achieve their business goals successfully. With headquarters in Germany we have successful clients all over the world. We can understand your unique needs. Our team has hands-on experience with the challenges that come with rapid growth and the IT sector. That’s why all of our offerings are built with a tech mindset. Job Summary: We are seeking for client for a one month project highly skilled and experienced SIEM Engineer with 5-8 years of hands-on experience working on Security Information and Event Management (SIEM) tools such as QRadar, Splunk, Microsoft Sentinel, Elastic Stack (Elasticsearch, Logstash, Kibana), and other SIEM platforms. The candidate will be responsible for the design, deployment, configuration, and management of SIEM solutions, ensuring efficient monitoring and proactive threat detection across the organization. This role involves collaboration with security teams to optimize incident detection, analysis, and response processes. Key Responsibilities: SIEM Implementation & Configuration: Design, deploy, and configure SIEM solutions, including Elastic Stack (Elasticsearch, Logstash, Kibana), Wazuh, QRadar, Splunk & Microsoft Sentinel. Integrate various log sources (e.g., firewalls, IDS/IPS, network devices, applications),/OT/IOT into the SIEM platform. Develop and fine-tune correlation rules, dashboards, and alerts for proactive threat detection. Perform system upgrades, patches, and manage the overall health of the SIEM environment. Log Management & Monitoring: Ensure proper log ingestion from multiple data sources, including Elasticsearch and Kibana, and troubleshoot any logging issues. Maintain data retention policies, manage storage, and optimize SIEM performance. Monitor and analyze system and security logs for anomalies, potential threats, or suspicious activities. Elastic Stack Management or any open source like Wazuh: Configure and maintain Elasticsearch clusters for log storage and search functionality. Utilize Kibana to create custom dashboards, visualizations, and reports for security monitoring. Work with Logstash or other log shippers for effective data parsing and enrichment before SIEM ingestion. Requirements Experience: 5-8 years of experience working in SIEM engineering and administration roles. Proven expertise with SIEM platforms like QRadar, Splunk, Microsoft Sentinel, and Elastic Stack (Elasticsearch, Logstash, Kibana). Experience in integrating and managing log sources from diverse systems and platforms. Strong understanding of security incident detection, threat analysis, and response processes. Technical Skills: Proficiency in SIEM platform management, rule creation, and performance tuning. Hands-on experience with Elastic Stack (Elasticsearch, Logstash, Kibana) for log management, search, and security monitoring. Strong scripting abilities (e.g., Python, PowerShell, Bash) for automation. Knowledge of security protocols, network traffic analysis, and intrusion detection systems. Experience working with security frameworks such as MITRE ATT&CK, NIST, or CIS. Certifications (Preferred): SIEM-related certifications (e.g., IBM QRadar Certified, Splunk Certified Architect, Elastic Certified Engineer) Security certifications such as CISSP, CISM, or CEH are a plus. Soft Skills: Strong problem-solving and analytical thinking abilities. Excellent communication skills to convey complex technical concepts to stakeholders. Ability to work independently or in a team with minimal supervision. Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field (or equivalent experience). Originally posted on Himalayas

Read the full posting on himalayas

FAQ

Is the Security Information and Event Management (SIEM) Engineer role at Aperture Cloud remote?+

This Security Information and Event Management (SIEM) Engineer position is listed as remote (Australia, Canada, Germany, India, United Kingdom, United States).

What is the salary for the Security Information and Event Management (SIEM) Engineer role at Aperture Cloud?+

The listing states Estimated 100k-231k USD.

What seniority level is this Security Information and Event Management (SIEM) Engineer role?+

This is a senior level position.

How do I apply for the Security Information and Event Management (SIEM) Engineer role at Aperture Cloud?+

Use the "Apply on himalayas" button to open the original posting on himalayas, where you can submit your application directly to Aperture Cloud.