Keeper Security, Inc.
About Keeper
Keeper Security is transforming cybersecurity for organizations around the world with next‑generation privileged access management. Keeper’s zero‑trust and zero‑knowledge cybersecurity solutions are FedRAMP and StateRAMP Authorized, FIPS 140‑2 validated, as well as SOC 2 and ISO 27001 certified. Keeper deploys in minutes, not months, and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance. Trusted by thousands of organizations to protect every user on every device, Keeper is the industry leader for best‑in‑class password management, secrets management, privileged access, secure remote access and encrypted messaging. Learn more at KeeperSecurity.com.
About the Job As a Senior SIEM Engineer, you’ll own the architecture and ongoing optimization of Keeper’s SIEM platform. You’ll ensure real‑time visibility, reliable telemetry, and security observability across all environments cloud, on‑premises, and SaaS. This role goes beyond traditional SOC operations; you’ll enable every function in the business to gain actionable insights through a unified, high‑fidelity telemetry ecosystem.
Responsibilities
Architect, deploy, and maintain a scalable, multi‑tenant SIEM platform for security and operational use cases
Design and manage data ingestion pipelines from diverse sources, including infrastructure, cloud services, SaaS, and endpoints
Build and maintain integrations with enterprise tools such as EDR, SOAR, ITSM, CRM, and CI/CD systems
Develop automation for log collection, normalization, enrichment, and correlation
Tune and optimize correlation rules, dashboards, and detections to maximize context and minimize noise
Partner with Security and SOC teams to enhance threat detection, incident response, and forensic capabilities
Collaborate with DevOps, Engineering, and NOC teams to improve performance monitoring, uptime, and observability
Support IT and Helpdesk with visibility into authentication, endpoint, and user activity data
Enable Sales and Customer Success with security posture metrics and operational reporting
Ensure SIEM architecture supports audit, compliance, and risk frameworks such as SOC 2, ISO 27001, HIPAA, and PCI DSS
Define and enforce data retention, access control, and classification policies
Mentor junior engineers and analysts on detection engineering and observability best practices
Promote adoption of the SIEM platform as a shared service across all departments
Required Qualifications
6+ years of experience in cybersecurity, IT operations, or DevOps, with at least 3 years administering or architecting SIEM platforms
Deep understanding of log management, correlation, and alerting principles
Hands‑on experience with one or more enterprise SIEMs — Splunk, Microsoft Sentinel, Elastic, Exabeam, QRadar, or DataDog
Strong scripting and automation skills using Python, PowerShell, or REST APIs
Familiarity with modern cloud and container platforms (AWS, Azure, GCP)
Ability to work cross‑functionally and translate operational data into actionable insights
Excellent problem‑solving, communication, and documentation skills
Preferred Qualifications
Certifications such as Splunk Certified Architect, Microsoft Sentinel Engineer, GIAC GCDA/GCIH, or AWS Security Specialty
Experience building shared data pipelines and multi‑tenant dashboards
Exposure to business data integration (CRM, ticketing, or SaaS telemetry)
Background in automation, observability, or detection content development
Bachelor’s degree in Computer Science, Cybersecurity, or related field, or equivalent experience
Benefits
Medical, Dental & Vision (inclusive of domestic partnerships)
Employer Paid Life Insurance & Employee/Spouse/Child Supplemental life
Voluntary Short/Long Term Disability Insurance
401K (Roth/Traditional)
A generous PTO plan that celebrates your commitment and seniority (including paid Bereavement/Jury Duty, etc)
Above market annual bonuses
Keeper Security, Inc. is an equal opportunity employer and participant in the U.S. Federal E‑Verify program. We celebrate diversity and are committed to creating an inclusive environment for all employees.
Classification: Exempt
#J-18808-Ljbffr
About the Job As a Senior SIEM Engineer, you’ll own the architecture and ongoing optimization of Keeper’s SIEM platform. You’ll ensure real‑time visibility, reliable telemetry, and security observability across all environments cloud, on‑premises, and SaaS. This role goes beyond traditional SOC operations; you’ll enable every function in the business to gain actionable insights through a unified, high‑fidelity telemetry ecosystem.
Responsibilities
Architect, deploy, and maintain a scalable, multi‑tenant SIEM platform for security and operational use cases
Design and manage data ingestion pipelines from diverse sources, including infrastructure, cloud services, SaaS, and endpoints
Build and maintain integrations with enterprise tools such as EDR, SOAR, ITSM, CRM, and CI/CD systems
Develop automation for log collection, normalization, enrichment, and correlation
Tune and optimize correlation rules, dashboards, and detections to maximize context and minimize noise
Partner with Security and SOC teams to enhance threat detection, incident response, and forensic capabilities
Collaborate with DevOps, Engineering, and NOC teams to improve performance monitoring, uptime, and observability
Support IT and Helpdesk with visibility into authentication, endpoint, and user activity data
Enable Sales and Customer Success with security posture metrics and operational reporting
Ensure SIEM architecture supports audit, compliance, and risk frameworks such as SOC 2, ISO 27001, HIPAA, and PCI DSS
Define and enforce data retention, access control, and classification policies
Mentor junior engineers and analysts on detection engineering and observability best practices
Promote adoption of the SIEM platform as a shared service across all departments
Required Qualifications
6+ years of experience in cybersecurity, IT operations, or DevOps, with at least 3 years administering or architecting SIEM platforms
Deep understanding of log management, correlation, and alerting principles
Hands‑on experience with one or more enterprise SIEMs — Splunk, Microsoft Sentinel, Elastic, Exabeam, QRadar, or DataDog
Strong scripting and automation skills using Python, PowerShell, or REST APIs
Familiarity with modern cloud and container platforms (AWS, Azure, GCP)
Ability to work cross‑functionally and translate operational data into actionable insights
Excellent problem‑solving, communication, and documentation skills
Preferred Qualifications
Certifications such as Splunk Certified Architect, Microsoft Sentinel Engineer, GIAC GCDA/GCIH, or AWS Security Specialty
Experience building shared data pipelines and multi‑tenant dashboards
Exposure to business data integration (CRM, ticketing, or SaaS telemetry)
Background in automation, observability, or detection content development
Bachelor’s degree in Computer Science, Cybersecurity, or related field, or equivalent experience
Benefits
Medical, Dental & Vision (inclusive of domestic partnerships)
Employer Paid Life Insurance & Employee/Spouse/Child Supplemental life
Voluntary Short/Long Term Disability Insurance
401K (Roth/Traditional)
A generous PTO plan that celebrates your commitment and seniority (including paid Bereavement/Jury Duty, etc)
Above market annual bonuses
Keeper Security, Inc. is an equal opportunity employer and participant in the U.S. Federal E‑Verify program. We celebrate diversity and are committed to creating an inclusive environment for all employees.
Classification: Exempt
#J-18808-Ljbffr