Addison Group
Security Information and Event Management Engineer
Addison Group, Chicago, Illinois, United States, 60290
Security Information and Event Management Engineer (SIEM)
Job Title: SIEM Engineer
Reports To: Information Security Manager
Location: Onsite 3-4 days per week at HQ office, 225 W Randolph St 19th Floor, Chicago, IL 60606
Compensation: $105K - 125K depending on experience

Position Summary:
We are seeking a skilled SIEM Engineer to join our Information Security team. The ideal candidate will be responsible for designing, implementing, maintaining, and optimizing our SIEM platform to ensure real-time visibility, detection, and response to security threats across the enterprise. You will work closely with the information security team, infrastructure teams, and application owners to ensure log integrity and security monitoring coverage.

Key Responsibilities:
- Design, implement, and maintain SIEM solutions (e.g., Splunk, QRadar, LogRhythm, Sentinel).
- Integrate log sources from various systems, applications, and cloud environments into the SIEM.
- Architect, implement, and maintain SOAR platforms; build automated playbooks and workflows to accelerate detection and incident response.
- Develop and fine-tune correlation rules, dashboards, alerts, and detection use cases based on threat intelligence and MITRE ATT&CK.
- Support incident response teams by providing context and data via the SIEM platform.
- Conduct threat hunting using SIEM data to proactively detect indicators of compromise (IOCs).
- Integrate threat intelligence feeds into the SIEM for enriched analysis.
- Ensure log retention meets policy requirements.
- Create and maintain SIEM documentation, including log onboarding procedures and use case development.
- Stay up to date on the latest security trends, vulnerabilities, and detection techniques.
- Provide on-call support or off-hours assistance as needed for critical issues.

Qualifications:

Required:
- Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related field.
- 3+ years of experience with SIEM technologies.
- 1-3 years of experience working with SOAR platforms.
- Strong understanding of security operations, log formats, and common network/application protocols.
- Strong understanding of security logging standards, incident response, and threat detection.
- Proficiency in scripting languages such as Python, PowerShell, or Bash.
- Familiarity with MITRE ATT&CK, NIST, threat intelligence, and use case development.

Preferred:
- Experience using scripting languages (Python, PowerShell, Bash) for automation.
- Knowledge of cloud platforms and security logging (AWS CloudTrail, Azure Monitor, GCP Logging).
- Prior experience in a SOC or MSSP environment.
- Ability to manage multiple projects and stakeholders effectively.

Benefits:
- Ability to create your own healthcare package: BCBS medical, dental, and vision. It's your choice!
- 401(K) with up to 4% matching
- Flexible PTO
- Target 10% annual bonus of salary
- Pre-tax commuter benefits, including Uber Pool
- Addison Group Wellness Program
- Seasonal parties and events
#J-18808-Ljbffr