United Kingdom
14 days ago
SIEM Infrastructure Engineer

 

SIEM Implementation and Configuration

Build and configure SIEM solutions (Rapid7 InsightIDR, LogRhythm, Elastic Stack, Sentinel) to meet specific client requirements. Develop and implement log collection strategies, ensuring comprehensive coverage of relevant security events. Integrate SIEM solutions with other security tools and platforms (e.g. firewalls, intrusion detection systems, vulnerability scanners, threat intelligence feeds).

SIEM Management and Support

Provide ongoing maintenance, monitoring, and troubleshooting of SIEM environments across multiple client accounts. Perform regular health checks and performance tuning to ensure optimal SIEM performance. Respond to and resolve SIEM-related incidents and service requests in a timely manner. Manage user access and permissions within the SIEM platforms. Develop and maintain documentation related to SIEM configurations, procedures, and troubleshooting steps. Participate in an on-call rotation to provide after-hours support for critical security incidents. Collaborate with other security teams (e.g., incident response, threat intelligence) to improve security posture.

 

Your Transferable Skills and Experience

 

Strong understanding of on-premise and cloud infrastructure for effective SIEM deployment and data onboarding. Proven ability to collaborate with cross-functional technical teams (network, server, cloud engineering) for seamless SIEM integration and data optimization. Deep knowledge of security principles and log management within complex IT ecosystems. Experience with security technologies, including SIEM, EDR, firewalls, and IDS. Excellent problem-solving, analytical, and communication skills to articulate technical concepts and troubleshoot complex issues. A strong aptitude for continuous learning, adaptability, and proactive optimization of security infrastructure.