SIEM Engineer

Job Description

As a SIEM Engineer, you will design, implement, and maintain advanced Security Information and Event Management (SIEM) solutions. You will play a key role in delivering mission-critical projects for organizations with mature cybersecurity practices, ensuring robust detection, monitoring, and response capabilities.

Responsibilities

Deploy, configure, and maintain SIEM platforms (Splunk, Google SecOps, Elastic, Microsoft Sentinel) within customer environment.

Ensure reliability and performance of the SIEM platform in periodic health checks and preventive maintenance activities.

Onboard and normalize log sources from networks, servers, endpoints, and cloud environments. Develop and maintain parsing and normalization rules for log sources.

Provide technical advisory to customer on usage of the SIEM platform.

Support SOC analysts with escalations, investigations, and response playbooks.

Integrate threat intelligence and ensure compliance with regulatory requirements.

Maintain documentation for SIEM architecture, log onboarding, and detection content.

Preferred Qualifications

1-5 years of implementation SIEM implementation or operations experience

2-5 years of hands-on operations experience with security systems such as IDP/IDS, FW and AV

Experience in the use of network monitoring tools with a strong understanding of network protocols

Ability to perform security analysis, development and implementation of security policies, standards, and guidelines

Ability to quickly explore, examine and understand complex security problems and how it affects a customer's business

Experience with both the Unix and Windows operating systems; the command line interface is your second home

Experience with scripting languages (bash), application development (Java, Perl, Python, .NET), databases and analytical tools

Ability to listen and collaborate with audiences ranging from IT administrators to executive level stakeholders to help deliver solutions

Self-motivated and self-educating, yet willing and able to work collaboratively with both customers and colleagues

Well organized with a healthy sense of urgency, able to set; communicate, and meet aggressive deadlines with competing priorities

Experience with security and operational related use cases is desired

The ability to travel regionally up to 30% (West and East Malaysia, Brunei, Singapore)