SIEM Engineer

Securonix Engineering & SIEM Management: Configure, deploy, and maintain the Securonix SIEM platform to support security monitoring and threat detection.

Develop and fine-tune correlation rules, use cases, and behavioral analytics to identify insider threats, fraud, and advanced cyber threats.

Manage log ingestion pipelines and optimize data collection from various sources, including network logs, endpoint data, cloud platforms, and identity systems.

Troubleshoot performance issues, integrations, and data processing pipelines within Securonix.

Develop data models, analytics dashboards, and reports to enhance security monitoring and forensic investigations.

Collaborate with Insider Threat analysts, threat hunters, and fraud teams to investigate security incidents using Securonix data.

Automate alert triage processes and enhance SIEM workflows to reduce response time.

Assist in root cause analysis and remediation efforts for complex security threats.

Ensure SIEM configurations align with regulatory requirements (e.g., NIST, PCI DSS). Maintain documentation of use cases, data flows, and SIEM policies.

Identify opportunities to improve log ingestion, data normalization, and system scalability.

Experience in SIEM engineering, cybersecurity operations, or data analytics.

Strong hands-on experience with Securonix SIEM, including rule creation, log ingestion, and dashboard development.

Proficiency in SQL, Python, Splunk, Elastic Stack, or other data analytics tools.

Experience with threat detection techniques, behavioral analytics, and machine learning in security.

Familiarity with cloud security monitoring (AWS, Azure, GCP) and integration with SIEM solutions.

Knowledge of MITRE ATT&CK, UEBA (User Entity Behavior Analytics), insider threat detection, and fraud prevention.

Strong understanding of log management, data correlation, and incident response frameworks.

Certifications such as SANS GIAC, CISSP, CEH, or Securonix certifications are a plus.

Experience working in the financial sector with a focus on fraud prevention, insider risk, or compliance monitoring.

Knowledge of big data platforms (Hadoop, Spark, Snowflake) and automation tools (SOAR, Python scripting, APIs). Ability to work with large datasets and build predictive models for security insights.