Hiring: SIEM Lead Engineer (Splunk)
Experience: 5–8 Years
Location: Hyderabad (WFO)
We're looking for a hands-on SIEM Lead Engineer with strong Splunk expertise to drive detection engineering and improve SOC effectiveness. If you enjoy building high-quality detections, reducing alert noise, and working closely with SOC teams, this role is for you.
What You'll Do
- Design and build SIEM detections and alerts in Splunk
- Tune and optimize alerts to reduce false positives
- Own the complete alert lifecycle (build → test → tune → retire)
- Implement alert enrichment using IAM, CMDB, vulnerability & threat intel data
- Work on log onboarding, data normalization & CIM compliance
- Map detections to MITRE ATT&CK framework
- Act as an L3 escalation point for complex issues
- Mentor junior engineers and support SOC teams
Must-Have Skills
- 5–8 years in SIEM / Security Engineering
- Strong hands-on experience in Splunk (Enterprise / ES)
- Expertise in SPL (Search Processing Language)
- Experience in alert creation, tuning & detection engineering
- Good understanding of security logs (endpoint, network, cloud, IAM)
- Experience with MITRE ATT&CK & SOC workflows
- Experience integrating SIEM with IAM, CMDB, vulnerability & threat intel tools
Good to Have
- Experience in Healthcare / BFSI environments
- Exposure to SOAR tools
- Python / PowerShell scripting
- Splunk or security certifications
If you're passionate about designing and implementing robust SIEM and EDR frameworks, we'd love to connect!
DM me or share your profile at [Confidential Information]