Security Architect

Job title :- Senior SIEM Engineer/ Lead SIEM Engineer / SIEM Architect

Job Summary:

We are seeking a skilled and proactive SIEM Engineer to join our Security Operations Center (SOC) team. The successful candidate will be responsible for enhancing our security monitoring capabilities through the construction and optimization of dashboards, development of correlation rules, and integration of critical systems with our SIEM platform. This role involves advanced data parsing, query optimization, and behavioral analysis tuning to support our SOC operators in threat detection and incident response.

Key Responsibilities:

• Design and implement user-friendly dashboards for SOC operators to enhance situational awareness and incident response.
• Develop and fine-tune correlation rules to detect security threats and anomalies effectively.
• Implement new data parsers and modernize existing ones to improve log parsing accuracy and completeness.
• Optimize frequently used queries to improve performance and response times for SOC users.
• Integrate critical systems previously not monitored into the SIEM for comprehensive visibility.
• Adapt and apply existing mechanisms from QNI components to ensure consistency and integration across systems.
• Tune and reconfigure the behavioral analysis component to reduce false positives and enhance threat detection capabilities.
• Collaborate with SOC analysts, threat intelligence teams, and other IT stakeholders to ensure alignment with security monitoring objectives.

Required Qualifications:

• Bachelor's degree in Computer Science, Information Security, or related field, or equivalent experience.
• Proven experience in SIEM technologies such as Splunk, QRadar, ArcSight, LogRhythm, or similar.
• Strong knowledge of log management, event correlation, and threat detection techniques.
• Proficiency in writing and tuning queries using SPL, AQL, or equivalent query languages.
• Experience in developing and modifying parsers for log ingestion.
• Familiarity with behavioral analysis tools and techniques.
• Strong analytical and problem-solving skills with an attention to detail.

Preferred Qualifications:

• Certifications such as GCIA, GCIH, CEH, or SIEM-specific certifications.
• Experience working within a SOC environment.
• Familiarity with QNI (QRadar Network Insights) or similar network intelligence platforms.