eTeam
Job Title: Mid-Level SIEM Engineer
Location: Columbus, OH / Indianapolis, IN / Detroit, MI and Richmond, VA
Duration: 12 Months
Job Summary:
We are seeking a skilled and motivated SIEM Engineer (Mid-Level) to join our security operations team. The candidate will be responsible for the design, implementation, tuning, and maintenance of our Security Information and Event Management (SIEM) system, aiding in real-time threat detection and response. The ideal candidate has hands-on experience with industry-standard SIEM platforms and understands the broader cybersecurity ecosystem.
Key Responsibilities:
- Configure, manage, and maintain SIEM solutions (e.g., Splunk, IBM QRadar, ArcSight, LogRhythm, Azure Sentinel).
- Onboard and normalize log sources across cloud and on-prem infrastructure.
- Develop and fine-tune correlation rules, dashboards, and alerts to detect threats and reduce false positives.
- Collaborate with the SOC team to investigate and respond to security incidents.
- Integrate threat intelligence feeds to enrich SIEM data and improve threat detection.
- Work with internal stakeholders (network, infrastructure, and application teams) to ensure complete visibility.
- Support compliance initiatives (e.g., ISO 27001, PCI-DSS, HIPAA) through reporting and audit support.
- Conduct regular health checks, performance tuning, and patching of SIEM platforms.
- Document processes, use cases, and incident response playbooks.
Required Qualifications:
- 3-6 years of experience in Information Security or SOC environments.
- Strong hands-on experience with at least one enterprise-grade SIEM platform.
- Proficiency in log analysis, regular expressions, and parsing (e.g., syslog, Windows Event Logs, AWS CloudTrail).
- Knowledge of networking protocols, firewall logs, authentication mechanisms, and security concepts (e.g., MITRE ATT&CK).
- Understanding of cloud security (AWS/Azure/GCP) and integration with SIEM.
- Ability to write scripts or queries (e.g., Python, Bash, SPL, KQL) for automation and advanced analysis.
Preferred Qualifications:
- Security certifications such as CEH, GCIA, GCIH, SSCP, Splunk Certified, or similar.
- Experience in working in an MSSP/SOC environment.
- Familiarity with EDR, NDR, SOAR, and threat hunting tools.
- Exposure to frameworks like MITRE ATT&CK, NIST, and CIS Controls.