SIEM Engineer Job Description

A SIEM engineer provides technical support and engineering for network and cloud firewalls, network and cloud intrusion detection/prevention systems, virtual private networks, and web security gateways.

SIEM Engineer Duties & Responsibilities

To write an effective SIEM engineer job description, begin by listing detailed duties, responsibilities and expectations. We have included SIEM engineer job description templates that you can modify and use.

Sample responsibilities for this position include:

Grow as a leader in building, running and managing the day-to-day operations of the security operations center that protect Ariba and its customers
Investigate incidents and lead response efforts as applicable
Maintain engineering and security documentation
Assist customers to fully optimize the SIEM system capabilities and the audit and logging features of the event log sources
Creation of technically detailed reports on the status of the SIEM to include metrics on items such as number of logging sources
Working alongside the CIC Support Team, the Technical ArcSight Engineer will be responsible for configuring, maintaining, tuning and enhancing the CIC SIEM platform
Be responsible for the investigation and delivery of defect resolutions through Engineering into the Production Environment without impacting the live service
Be responsible for development of ArcSight Flex Connectors for new event sources
Monitor and manage the performance of the SIEM infrastructure
Support security engineering requirements for projects, transitions, and transformations

SIEM Engineer Qualifications

Qualifications for a job description may include education, certification, and experience.

Licensing or Certifications for SIEM Engineer

List any licenses or certifications required by the position: CISSP, CISA, CEH, NSA, HBSS, CCSE, GIAC, CISM, SIEM, SANS

Education for SIEM Engineer

Typically a job would require a certain level of education.

Employers hiring for the SIEM engineer job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Information Security, Education, Engineering, Information Technology, Cyber Security, Technical, Information Systems, Management, Science

Skills for SIEM Engineer

Desired skills for SIEM engineer include:

Web Proxy
Linux and Windows Operating Systems
Regular expressions and data normalization
Techniques
Cyber security tools
Intrusion detection
Methods
Secured networks to integrate with the SIEM platform
Security operations
Procedures

Desired experience for SIEM engineer includes:

Experience condensing large environments to a single pane of glass view to facilitate optimal operational efficiency
Solid understanding of enterprise network security technology, appliances, and tools
Scripting and software development proficiency (e.g., Python, Perl, shell scripts, C / C++, .NET)
Experience leading incident response and forensic investigative initiatives
An unrivaled thirst for security knowledge and the desire to evangelize security with everyone you interact with
A minimum of 4 years’ experience in security focusing on SIEM or log aggregation and correlation, with minimum 6 years overall enterprise IT experience

SIEM Engineer Examples

1

SIEM Engineer Job Description

Job Description Example
Our company is looking to fill the role of SIEM engineer. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for SIEM engineer
  • Designing, maintaining and troubleshooting the SIEM environment
  • Implement changes of SIEM infrastructure
  • Create, maintain and consult security monitoring measures
  • Building SIEM infrastructure for new customers
  • Building SIEM infrastructure for new customers during onboarding projects
  • Creation of high level and low level design of SIEM infrastructure
  • Arrangements of connectivity/storage/equipment for purposes of SIEM projects
  • Implementing security monitoring rules in a SIEM tooling, according to the business needs
  • Reporting progress of above tasks to Project Managers
  • Facilitation of AlienVault Change Requests (upgrades, break fixes ...)
Qualifications for SIEM engineer
  • At least 6 months experience in Managed SIEM service within a large MSSP environment
  • Experience with industry recognized SIEM solutions such as ArcSight, Splunk, LogRhythm, AlienVault
  • Relevant IT certifications such as CCNA, CCNP, JNCIA
  • Minimum of ten years managing/utilizing a SIEM solution
  • Extensive experience from design and implementation of the latest SIEM tools, ideally Splunk or ArcSight
  • Excellent knowledge of Threat & Vulnerability management tools (subject matter experts in other SIEM tools the likes of QRadar, McAfee, RSA)
2

SIEM Engineer Job Description

Job Description Example
Our company is growing rapidly and is looking for a SIEM engineer. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for SIEM engineer
  • Security specialist certifications
  • SIEM certifications (ArcSight, Trustwave, Q1Labs, etc)
  • Detect, analyze and remove malicious network traffic, identify and contain threats
  • Setup and customize SIEM and DLP tools
  • Review suspicious patterns and signatures and write custom ones to detect malware
  • Perform network security scans, identify weaknesses and remediate vulnerabilities
  • Perform forensics on systems and laptops ensuring appropriate chain of custody
  • Strong understanding of SIEMs, IDS, IPS, DLP and associated technologies
  • Hardening Linux and Windows, experience in shell scripting
  • Web applications and associated attack vectors
Qualifications for SIEM engineer
  • At least 6 months experience in QRadar SIEM 7.x
  • Commercial experience on at least two prior SIEM engagements (full life-cycle) is essential
  • Strong experience in developing dashboards would be highly desirable
  • Exposure to Financial Services industry, ideally working in an end user environment
  • Excellent knowledge of relevant information security compliance guidelines
  • Relevant security (& vendor) accreditations, highly desirable
3

SIEM Engineer Job Description

Job Description Example
Our growing company is hiring for a SIEM engineer. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for SIEM engineer
  • Static and Dynamic analysis of malware / Reverse Engineering is a plus
  • Form strong business relationships with the customer at various levels throughout the organization
  • Be available 24x7 for the customer
  • Troubleshoot and provide accurate and timely resolution to customer issues
  • Serve as a customer advocate within Micro Focus by facilitating escalation of issues through appropriate internal organizations
  • Pro-actively identify issues by becoming familiar with customer's technical and business environment while providing recommendations for resolution to these issues
  • Prevent customer issues by reviewing their Micro Focus environment regularly, report and correct issues per customer requirements
  • Share knowledge by writing technical documents and pro-actively sending helpful technical information to customer (upcoming patches, technical news)
  • Deliver technical presentations and/or training to diverse audiences
  • Assist in the implementation of Micro Focus products/solutions in line with specific Consulting engagements
Qualifications for SIEM engineer
  • Able to normalize disparate logs from different systems in multiple formats to paint a cohesive picture of events occurring within the environment
  • Knowledge of security controls and best practices including ISO 27001
  • BSc of Computer Science or Engineering preferred
  • Industry Certifications (CCNA, CISSP or similar) preferred
  • 2 years or more of experience in IT Security
  • 1 year or more of experience with supported technology (Q1 QRadar and/or ArcSight)
4

SIEM Engineer Job Description

Job Description Example
Our innovative and growing company is searching for experienced candidates for the position of SIEM engineer. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for SIEM engineer
  • Responsible for the creation of procedures, implementation of processes and development of staff for managing and maintaining security systems across internal and client environments
  • Participation in projects and project management as requested by customer or Micro Focus
  • Design and generate data parsers as necessary to optimize ingestion of data from a wide variety of devices including servers, firewalls, IDS/IPS, VA appliances
  • Facilitation of ArcSight Change Requests (upgrades, break fixes)
  • Perform discovery and standards reviews of target environments
  • Analyze environments and provide recommendations based upon industry standards
  • Review, Design, and Architect SIEM solutions for customers
  • Test and improve SIEM use cases
  • Interface with industry groups and present at associated conferences
  • Provide input and guidance on service development
Qualifications for SIEM engineer
  • Extensive experience in the design, implementation, and enhancement of an enterprise level SIEM platform
  • Significant experience with enterprise Windows and Linux based architectures and security design
  • Knowledge and demonstrable experience of Security Information Event Management systems (Sentinel, Intel, QRadar, RSA, Splunk or other)
  • Ability to perform basic scripting tasks with Splunk to automate repeatable processes using Python, PowerShell, Perl
  • Splunk Certified Knowledge Manager, Splunk Certified Admin Certifications
  • Competent with command line operating systems including UNIX and Linux
5

SIEM Engineer Job Description

Job Description Example
Our company is looking for a SIEM engineer. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for SIEM engineer
  • Act as thought leader to junior team members
  • Develop advanced SIEM correlation rules, reports and dashboards to detect emerging threats
  • Manage, develop and tune the scripts that integrate SIEM
  • Monitor the impact of deploying new content to the health and performance of the SIEM
  • Develop advanced reports to meet the requirements of key stakeholders
  • Develop scalable security management tools and processes
  • Engineers, configures and deploys Enterprise SIEM/SEM solutions
  • Collaborate with application owners to define and establish logging standards to address various governance requirements
  • Maintains enterprise Cyber Security Engineering requirements for SIEM including new and existing products
  • Applies Cyber Security Engineering and Network Security Engineering expertise to optimize enterprise protection posture
Qualifications for SIEM engineer
  • Ability to provide periodic Status Updates and Technical Presentations
  • Experience with SIEM products, like QRadar, Splunk, ArcSight, McAfee ESM, LogRhythm
  • Experience with log analysis from various formats
  • Experience with custom SIEM definitions, rules, reports, and integrating logs from multiple security devices
  • Experience working in Government environment is a plus
  • University degree (Engineering or Science degree)
