Senior SIEM Engineer

Role and Responsibilities:

• Lead the architecture, deployment, upgrade, and sustainment of the SIEM environment supporting the client's SOC.
• Monitor SIEM platform health, license usage, indexing latency, and ingest rates, and proactively address capacity and performance issues.
• Onboard new data sources and build parsing, field extractions, and CIM-compliant data models.

Detection and Integration:

• Develop, tune, and maintain correlation searches, notable events, dashboards, and reports for threat detection and triage.
• Integrate SIEM with SOAR, EDR, NDR, DLP, CDM, vulnerability management, and identity platforms.
• Translate detection requirements from threat hunters and CTI analysts into production SIEM content mapped to MITRE ATT&CK.

Compliance and Collaboration:

• Author and maintain Engineering Design Documents, SOPs, runbooks, and configuration guides.
• Apply secure configuration baselines, role-based access controls, and audit logging to meet federal compliance.
• Provide knowledge transfer and training to SOC analysts on SIEM usage and dashboard interpretation.