
Chief Security Software Engineer (SIEM)

Security Operations, Endpoint Detection and Response, Endpoint Security, Log management tools, Microsoft Sentinel, Security Information and Event Management, Security Operation Center, Anti-Malware, Cloud Security Concepts, Google Cloud Chronicle, PowerShell, Python, Threat Hunting, Threat Modeling

We are seeking an experienced Chief Security Software Engineer to guide our initiatives in implementing, configuring, and enhancing SIEM solutions in strictly regulated sectors.

The perfect candidate will possess a solid background in SIEM deployment and migration, coupled with a rich history in an Enterprise SOC where they managed security events and incidents. This position requires effective teamwork with client cybersecurity groups to pinpoint their requirements and construct customized SIEM architectures that address both business and technical needs.

Responsibilities
  • Lead the engineering, implementation, and setup of SIEM systems, ensuring they integrate flawlessly with diverse security tools, systems, and log sources
  • Coordinate and manage SIEM migration projects, including data migration, log source integration, rule/alert transitions, and system adjustments
  • Craft, personalize, and refine SIEM scenarios, correlation rules, dashboards, and reports for effective threat and suspicious activity identification
  • Onboard diverse log sources such as firewalls, IDS/IPS, antivirus, cloud services, applications, and operating systems into the SIEM platform
  • Work alongside the SOC team to aid in the development and improvement of additional use cases in alignment with SOC specifications
  • Periodically assess and enhance SIEM performance to maintain effective log collection, storage, processing, and alert generation
  • Document all SIEM configurations, integrations, and migration steps comprehensively, and regularly report on SIEM system performance
  • Educate and guide junior security engineers and SOC analysts on optimal SIEM usage, best practices, and problem-solving techniques
  • Collaborate with IT, security, and network departments to guarantee the SIEM platform is cohesive with overarching security objectives and strategies
Requirements
  • Minimum of 7 years in Cyber Security, with a significant focus on engineering SIEM solutions and working within a SOC
  • Expertise in SIEM engineering and architecture, specifically with Splunk or other major SIEM technologies such as Microsoft Sentinel, QRadar, ArcSight, LogRhythm
  • Experience overseeing the entire delivery lifecycle for SIEM enhancements and automation, including work with integrated SIEM solutions featuring SOAR and XDR components
  • Proficiency in log source integration and developing correlation rules, alerts, and dashboards
  • Background in cloud environments (AWS, Azure, GCP) and the integration of cloud logs into SIEM systems
  • Understanding of security frameworks (MITRE ATT&CK, NIST) and basic regulatory compliance knowledge (GDPR, PCI-DSS)
  • Knowledge of network protocols, firewalls, IDS/IPS, endpoint security, and threat intelligence
  • Capability to grasp client-specific security challenges, needs, and the regulatory landscape to devise appropriate solutions
  • Skilled in communicating complex technical concepts to clients, fostering trust and strong relationships
  • Ability to handle stakeholders at various tiers, from technical teams to senior executives
  • Ability to collaborate effectively across different organizational departments and with large enterprises
  • Ability to lead discussions, mediate disputes, and achieve consensus among diverse stakeholder groups
  • Ability to make strategic decisions based on thorough analysis and evidence
Benefits
  • International projects with top brands
  • Work with global teams of highly skilled, diverse peers
  • Healthcare benefits
  • Employee financial programs
  • Paid time off and sick leave
  • Upskilling, reskilling and certification courses
  • Unlimited access to the LinkedIn Learning library and 22,000+ courses
  • Global career opportunities
  • Volunteer and community involvement opportunities
  • EPAM Employee Groups
  • Award-winning culture recognized by Glassdoor, Newsweek and LinkedIn