eTeam

SIEM Engineers

eTeam, Arlington, Virginia, United States, 22201


Job Title: SIEM Engineer
Locations: Arlington, VA | Buffalo, NY | Des Moines, IA | Louisville, KY | Omaha, NE | Milwaukee, WI
Employment Type: Contract
Category: AI-Driven Threat Detection & Response
Department: Cybersecurity Engineering - SIEM Operations

Role Overview

We are seeking highly skilled SIEM Engineers to architect, manage, and optimize our security information and event management infrastructure. This role is central to enhancing threat visibility and response by integrating AI-powered detection techniques with modern SIEM platforms. As part of our advanced threat detection and response team, you will design scalable SIEM solutions, onboard logs, tune detection rules, and ensure consistent data normalization to support real-time threat analysis.

Key Responsibilities

- Design, deploy, and maintain enterprise SIEM solutions (Splunk, QRadar, Azure Sentinel, Elastic, etc.).
- Onboard and normalize logs from diverse data sources (cloud, network, endpoints, applications).
- Develop and fine-tune detection use cases, correlation rules, and dashboards using AI insights.
- Integrate SIEM platforms with SOAR, threat intelligence feeds, and EDR/XDR tools.
- Collaborate with SOC analysts, IR teams, and threat hunters to improve detection efficacy.
- Conduct health checks, system upgrades, patching, and performance tuning of SIEM environments.
- Create and maintain runbooks, architecture diagrams, and SOP documentation.
- Evaluate new technologies to enhance visibility, scalability, and automation in detection pipelines.
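The log-onboarding and correlation-rule work listed above, shown as an added example that is not part of the posting or eTeam's tooling: three constructed log lines in the formats the posting names (CEF, JSON and RFC 3164 syslog) are normalized into one event schema, and a correlation rule for a password-spray or brute-force pattern (several failed logons from one source followed by a success, ATT&CK T1110) runs over the normalized stream. The vendor, product and field names in the sample lines, the normalized field names, and the `SYSLOG_YEAR` assumption are illustrative choices, not values from the page.

```python
import json
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

SYSLOG_YEAR = 2024  # assumption: RFC 3164 syslog carries no year, so one is supplied

# Constructed sample lines (not real telemetry) in the three formats the posting names.
SAMPLE_LINES = [
    # CEF from a hypothetical auth gateway: 7 pipe-separated header fields, then key=value extensions
    "CEF:0|ExampleVendor|AuthGW|1.0|100|Login failed|5|rt=2024-05-01T10:00:01Z suser=alice src=203.0.113.7 outcome=failure",
    "CEF:0|ExampleVendor|AuthGW|1.0|100|Login failed|5|rt=2024-05-01T10:00:05Z suser=alice src=203.0.113.7 outcome=failure",
    # JSON from a hypothetical cloud audit log
    '{"time":"2024-05-01T10:00:09Z","user":"alice","sourceIPAddress":"203.0.113.7","eventName":"ConsoleLogin","result":"Failure"}',
    '{"time":"2024-05-01T10:00:20Z","user":"alice","sourceIPAddress":"203.0.113.7","eventName":"ConsoleLogin","result":"Success"}',
    # RFC 3164 syslog from a hypothetical Linux bastion host
    "May  1 10:00:30 bastion sshd[1234]: Failed password for bob from 198.51.100.9 port 5555 ssh2",
    "May  1 10:01:00 bastion sshd[1234]: Accepted password for bob from 198.51.100.9 port 5555 ssh2",
]

CEF_EXT_RE = re.compile(r"(\w+)=(\S+)")
SYSLOG_SSH_RE = re.compile(
    r"^(?P<mon>\w{3})\s+(?P<day>\d{1,2}) (?P<time>\d\d:\d\d:\d\d) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<verb>Failed|Accepted) password for (?P<user>\S+) from (?P<ip>\S+)"
)


def parse_iso(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def parse_cef(line):
    # Simplified extension parsing: assumes values contain no spaces (true for the samples).
    # A production parser must also handle escaped pipes, equals signs and spaces in values.
    parts = line.split("|", 7)
    if len(parts) != 8 or not parts[0].startswith("CEF:"):
        return None
    ext = dict(CEF_EXT_RE.findall(parts[7]))
    return {"ts": parse_iso(ext["rt"]), "source": parts[2], "user": ext.get("suser"),
            "src_ip": ext.get("src"), "action": "logon",
            "outcome": ext.get("outcome", "unknown").lower()}


def parse_json_audit(line):
    rec = json.loads(line)
    return {"ts": parse_iso(rec["time"]), "source": rec["eventName"], "user": rec["user"],
            "src_ip": rec["sourceIPAddress"], "action": "logon",
            "outcome": rec["result"].lower()}


def parse_syslog_ssh(line):
    m = SYSLOG_SSH_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{SYSLOG_YEAR} {m['mon']} {m['day']} {m['time']}",
                           "%Y %b %d %H:%M:%S").replace(tzinfo=timezone.utc)
    return {"ts": ts, "source": m["host"], "user": m["user"], "src_ip": m["ip"],
            "action": "logon",
            "outcome": "failure" if m["verb"] == "Failed" else "success"}


def normalize_line(line):
    # Route each raw line to a parser by its leading bytes; unknown formats are dropped.
    line = line.strip()
    if line.startswith("CEF:"):
        return parse_cef(line)
    if line.startswith("{"):
        return parse_json_audit(line)
    return parse_syslog_ssh(line)


def normalize_lines(lines):
    events = [e for e in (normalize_line(l) for l in lines) if e]
    return sorted(events, key=lambda e: e["ts"])  # correlation below assumes time order


def detect_brute_force_then_success(events, threshold=3, window=timedelta(minutes=5)):
    """Alert when >= threshold logon failures for one (user, src_ip) pair within `window`
    are followed by a logon success for the same pair (ATT&CK T1110, Brute Force)."""
    failures = defaultdict(list)  # (user, src_ip) -> failure timestamps
    alerts = []
    for e in events:
        if e["action"] != "logon":
            continue
        key = (e["user"], e["src_ip"])
        if e["outcome"] == "failure":
            failures[key].append(e["ts"])
        elif e["outcome"] == "success":
            recent = [t for t in failures[key] if e["ts"] - t <= window]
            if len(recent) >= threshold:
                alerts.append({"technique": "T1110", "user": e["user"], "src_ip": e["src_ip"],
                               "failures": len(recent), "first_failure": recent[0],
                               "success_at": e["ts"]})
            failures[key].clear()  # a success ends the sequence; start counting afresh
    return alerts


if __name__ == "__main__":
    for alert in detect_brute_force_then_success(normalize_lines(SAMPLE_LINES)):
        print(alert)
```

Because the rule keys on the normalized `user`/`src_ip`/`outcome` fields rather than on any one vendor's field names, the same logic fires on the CEF and JSON failures for alice (three failures, then a success) and stays silent for bob's single failure; tuning the rule is then a matter of `threshold` and `window`, not of rewriting it per log source.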

Required Qualifications

- 3+ years of hands-on experience as a SIEM Engineer or Security Engineer.
- Deep expertise with at least one enterprise SIEM platform (e.g., Splunk, QRadar, ArcSight, Elastic, LogRhythm, Sentinel).
- Strong understanding of log formats, parsing, and normalization (e.g., syslog, JSON, CEF).
- Experience with custom rule development, correlation searches, and threat detection tuning.
- Familiarity with scripting and automation (e.g., Python, PowerShell, Bash).
- Knowledge of MITRE ATT&CK, threat hunting, and SOC workflows.
- Working knowledge of cloud platforms and their logging (AWS CloudTrail, Azure Monitor, GCP).

Preferred Qualifications

- Experience integrating AI/ML capabilities into SIEM platforms or detection logic.
- Certifications such as Splunk Core Certified, GCIA, GCIH, or Microsoft SC-200.
- Knowledge of SOAR platforms and response playbook orchestration.
- Familiarity with compliance standards (NIST, ISO, PCI-DSS, HIPAA).

ET_RV01