Senior Security SIEM Engineer

Position Overview

UltraViolet Cyber is seeking a Senior Security SIEM Engineer to lead a Fortune 250 company through a transformative security and technology project. This role involves migrating data sources and content from Splunk to SentinelOne AI SIEM, developing methodology for SIEM migration best practices, and working with cutting-edge technology. You will be instrumental in creating continuously optimized identification, detection, and resilience against dynamic threat landscapes.

Employment Type

Full-Time

Salary

$150,000 - $195,000 a year

UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company's differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors.

Location Type

Not specified

Responsibilities

• Evaluating current Splunk instances and content at a major enterprise retail customer.
• Migrating data sources from Splunk instances to SentinelOne AI SIEM.
• Migrating content to SentinelOne AI SIEM.
• Leading offshore teams performing migration tasks.
• Integrating SentinelOne with other security tools to build a comprehensive security monitoring ecosystem.
• Designing and maintaining S1 data models to support security use cases and compliance reporting.
• Developing custom threat detection rules and correlation searches in Splunk.
• Configuring and tuning SIEM alerts to reduce false positives and enhance detection efficacy.
• Providing technical expertise during security incidents and coordinating response activities.

Requirements

• Bachelor's degree in Cybersecurity, Information Security, or related field.
• 9+ years of security engineering experience with 5+ years of advanced Splunk and SentinelOne implementations.
• Splunk Certified Architect or Splunk Certified Enterprise Security Admin certification.
• SentinelOne certifications and/or SentinelOne University experience.
• Strong knowledge of SPL query language and advanced search techniques.
• Experience creating custom Splunk dashboards, reports, and visualizations.
• Demonstrated expertise in security monitoring and SIEM technology.
• Proficiency with Splunk administration and performance tuning.
• SentinelOne exposure is highly desired.

Work Environment

• Must be authorized to work in the US.
• Participation in on-call rotation for security incident response.
• Collaboration with cross-agency security teams.
• Some potential travel to US based customers - ~10-20%.

Company Information

UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions. Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as-code platform combines technology innovation and human expertise to make advanced real-time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams. UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients. UltraViolet Cyber is headquartered in McLean, Virginia, with global offices across the U.S. and in India.

What We Offer

• 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed.
• Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment).
• Group Term Life, Short-Term Disability, Long-Term Disability.
• Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness.
• Participation in the Discretionary Time Off (DTO) Program.
• 11 Paid Holidays Annually.

Application Instructions

We sincerely thank all applicants in advance.