Lead Cybersecurity Engineer

Providence India

India

5-8 Years

Save

Posted 5 hours ago
Be among the first 10 applicants

Early Applicant

Job Description

Job Description - SIEM Lead Engineer

Role Overview

The SIEM Lead Engineer is responsible for leading the design, development, and optimization of SIEM alerting, enrichment, and monitoring capabilities using Splunk. This role focuses on improving alert fidelity, contextual enrichment, detection engineering, and overall SOC effectiveness. The role acts as a technical lead and escalation point, working closely with SOC Analysts, Threat Detection, Security Engineering, and platform teams.

Key Responsibilities

Lead engineering and optimization of Splunk-based SIEM alerting and monitoring.
Design, develop, and tune correlation rules and detections to reduce false positives.
Own alert lifecycle management including creation, tuning, validation, and retirement.
Design and implement alert enrichment using IAM, CMDB, vulnerability, and threat intelligence sources.
Ensure alerts are enriched with user, asset, privilege, and business context.
Engineer and maintain Splunk data ingestion, normalization, and CIM compliance.
Support onboarding of log sources across endpoint, network, cloud, and identity platforms.
Develop detection use cases mapped to MITRE ATT&CK.
Act as L3 escalation for complex SIEM and detection issues.
Maintain SOPs, runbooks, and SIEM documentation.
Mentor SIEM engineers and provide technical guidance.

Required Skills & Experience

58 years of experience in SIEM or security engineering roles.
Strong hands-on expertise with Splunk Enterprise / Splunk ES.
Proven experience in SIEM alert development, tuning, and enrichment.
Strong understanding of security telemetry across endpoint, network, cloud, and IAM.
Proficiency in SPL (Search Processing Language).
Experience with MITRE ATT&CK and SOC workflows.
Experience integrating SIEM with IAM, CMDB, vulnerability, and threat intel platforms.

Preferred Qualifications

Experience in regulated environments such as healthcare or financial services.
Exposure to SOAR platforms and automated response workflows.
Scripting experience using Python or PowerShell.
Relevant security or Splunk certifications.

More Info

Job Type:

Permanent Job

Industry:

Hospitals /Healthcare /Diagnostics

Function:

Security Engineering

Employment Type:

Full time

About Company

Providence IndiaJob Source: careers.providence.in

Providence, one of the US's largest not-for-profit healthcare systems, is committed to high quality, compassionate healthcare for all. Driven by the belief that health is a human right and the vision, ‘Health for a better world', Providence and its 121,000 caregivers strive to provide everyone access to affordable quality care and services.

Job ID: 145109069

Jobs by Skill - IT

Jobs by Skill - Non IT

International Jobs

Last Updated: 30-03-2026 09:10:41 PM

Homejobs in IndiaLead Cybersecurity Engineer

Do you want to see more relevant and perfect job for you?

Beware of Scammers

We don’t charge any money for job offers

What it feels like to have

48% more interview calls?

To get 5X more recruiter views on your profile