SIEM Engineers Lead

2 days ago

Tel Aviv-Yafo, Israel

Mid Level / Senior

Responsibilities

Architect, deploy, and maintain enterprise SIEM platforms and security monitoring infrastructure.
Develop and optimize detection rules, correlation logic, and alert mechanisms.
Design and implement log ingestion pipelines and normalization processes.
Continuously improve detection coverage by analyzing threat intelligence and vulnerabilities.
Create and maintain dashboards, reports, and metrics for security visibility.
Drive automation of security monitoring and response workflows.
Perform tuning and performance optimization of SIEM platforms.
Conduct threat hunting activities and support security investigations.
Collaborate with stakeholders to integrate new log sources.
Develop documentation and best practices for SIEM configuration.
Create APIs for AI agents to interact with SIEM.

5+ years of experience in cybersecurity with a focus on SIEM engineering.
Hands-on experience with SIEM platforms like Splunk, Microsoft Sentinel, or QRadar.
Strong knowledge of log analysis, event correlation, and detection engineering.
Experience with data pipelines, log parsing, and schema design.
Experience with SOAR platforms and security automation.
Scripting or programming experience in Python, PowerShell, or Bash.
Solid understanding of network protocols, operating systems, and attack techniques.
Familiarity with frameworks like MITRE ATT&CK or NIST for detection mapping.
Experience integrating threat intelligence with SIEM platforms.
Knowledge of cloud logging and monitoring (AWS, Azure, GCP).
Strong knowledge of Kubernetes architecture and security concepts.
Experience with Terraform, CI/CD pipelines, and Detection as code.

Competitive salary and comprehensive benefits package.
Opportunities for professional growth within Nebius.
Flexible working arrangements.
A dynamic and collaborative work environment that values initiative and innovation.

AWSAzureBashGoogle Cloud PlatformKubernetesPowerShellPythonSplunkTerraform