Senior SIEM Engineer, IS Security, Days, Fully Remote
Responsibilities: The Senior SIEM Engineer plays a key role in advancing Norton Healthcare’s security monitoring and detection capabilities. This role leads the technical design, implementation and optimization of SIEM ingestion pipelines, analytics, enrichment and platform performance. The engineer ensures that log sources provide high-quality telemetry, supports complex troubleshooting, and drives improvements to detection coverage in alignment with enterprise security objectives. The engineer works alongside architects, SOC analysts, incident responders and platform owners; the Senior SIEM Engineer shapes ingestion standards, maintains analytic rule quality, and guides the evolution of the SIEM toward greater maturity, automation, and threat-informed capability. This position also mentors junior staff and contributes to the strategic direction of the SIEM platform.
- *This position offers a fully remote work opportunity. Employees in this role must reside in one of the following states to be considered for fully remote positions: Kentucky, Indiana, Missouri, Ohio, Tennessee, Alabama, Virginia, Mississippi, North Carolina, South Carolina**
Qualifications: Required:
- Minimum five years of experience in security engineering or SOC operations, with at least three years focused on SIEM platforms, detection engineering or security log architecture in enterprise environments. Demonstrated experience with SIEM design, ingestion architecture, detection tuning, KQL or equivalent query languages, and cross-platform logging technologies, preferably in a hybrid on-prem/cloud environment. Proven ability to troubleshoot complex ingestion failures, normalization issues, schema inconsistencies and data quality problems across distributed systems. Experience supporting investigations, tuning detection logic and working directly with SOC, IR, and engineering teams on high-impact security events.
- Bachelor degree
Desired:
- Seven years of the above
- elevant industry certifications such as Microsoft SC-100, AZ-500, CISSP, GMON, GCDA, etc.
Apply tot his job Apply To this Job