SIEM Architect

1 Vacancy
Job Location

Brussels - Belgium

Monthly Salary

Not Disclosed



Job Description

ARHS Group, part of Accenture, is looking for a highly motivated and skilled SIEM Architect for one of our clients, a key player in the financial domain.

The ideal candidate will be responsible for driving key initiatives and contributing to the success of our client. This role requires a combination of technical expertise, strategic thinking and strong communication skills.

Context

Support and advisory services. The primary technologies involved are Splunk, Sentinel and Elastic.

Taking into account potential changes based on evolving insights from the consultant's assessment, this project aims to facilitate the successful integration of multiple legacy SIEM platforms into a unified and scalable SIEM solution. This will be achieved through the provision of security engineering expertise across detection, data ingestion and validation activities.

Role & responsibilities

  • Conduct assessment and translation of existing detection rules from legacy SIEMs to the target platform.
  • Support an RFP to select a SIEM.
  • Support migration of prioritized data sources, including log validation, parsing, enrichment and tagging.
  • Ensure business-critical alerting and correlation use cases are maintained or enhanced post-migration.
  • Collaborate with internal SOC and engineering teams to implement scalable log ingestion pipelines and retention policies.
  • Integrate with existing detection-as-code processes and related CI/CD pipelines for rule lifecycle management.
  • Implement and test enrichment and contextual tagging using internal and external data sources.
  • Assist in configuring federated search and ensuring data remains at rest in its respective environments.
  • Validate the performance, fidelity and coverage of translated detection logic using controlled datasets or historical log replay.
  • Provide regular updates, documentation and knowledge transfer sessions with internal teams.
  • Deliver tuning recommendations and support post-migration optimization efforts.

Deliverables

  • Inventory of log sources, detection rules and integrations across legacy SIEM platforms.
  • Data source and detection rule migration plan.
  • Validated ingestion pipelines and normalized log formats.
  • Enrichment and correlation configurations.
  • Test definitions and test results including tuning reports for translated detections.
  • Final migration summary with coverage validation and open gap tracking.
  • Documentation for transitioned components.

Qualifications:

Your profile

  • University degree in Computer Science, Cybersecurity, Data Engineering or a related field, or equivalent professional experience. A background in cybersecurity is strongly preferred.
  • Strong analytical and problem-solving abilities, with meticulous attention to detail and a demonstrated capacity to work cross-functionally with infrastructure, security and business teams.
  • Excellent communication skills, capable of distilling complex technical details into clear insights for both technical and executive audiences.

Technical skills

  • 8-10 years of experience in security architecture roles, with proven expertise in managing and integrating multiple SIEM platforms (e.g. Splunk, Microsoft Sentinel, Elastic).
  • Hands-on experience in consolidating SIEM technologies across hybrid cloud and on-prem environments, including normalization of data sources, correlation rule migration and log pipeline optimization.
  • Deep understanding of SIEM architecture, log ingestion pipelines, data parsing and enrichment, and custom alert development.
  • Deep experience aligning SIEM configuration and operations with regulatory compliance requirements such as PCI DSS, ISO 27001, HIPAA and SOC 2, ensuring coverage of mandated logging, monitoring and alerting controls.
  • Strong knowledge of security concepts such as threat detection, data privacy controls, threat modeling and risk assessment, with an emphasis on how they apply across diverse SIEM ecosystems.
  • Experience designing and maintaining scalable data pipelines to support security telemetry ingestion, transformation, storage and analysis across distributed systems.

Remote Work:

No

Employment Type:

Part-time
