SIEM/SOAR Security Engineer

5 days ago


Bangalore Karnataka, India Unisys Full time

What success looks like in this role:

SIEM/SOAR Support

  • Assist in configuring and maintaining SIEM/SOAR platforms to support log collection, threat detection, and automated response workflows.
  • Monitor and troubleshoot SIEM/SOAR systems to ensure reliable operation and data integrity.
  • Support the creation of detection rules, dashboards, and alerts under senior engineer guidance.

Log Management

  • Help manage log ingestion pipelines, including syslog, Windows Event Logs, and other sources, using SIEM tools or log aggregator and refinement platforms like Cribl.
  • Work with Incident Response teams and senior engineer to apply basic filtering and parsing rules to reduce noise and optimize log data for analysis.

Incident Response

  • Support incident response activities, including investigating alerts, collecting evidence, and documenting findings.
  • Assist in executing SOAR playbooks for automated incident handling under senior supervision.
  • Participate in post-incident reviews to improve detection and response processes.

Technical Assistance

  • Work closely with senior engineers to implement and test SIEM/SOAR configurations.
  • Perform routine maintenance tasks such as updating rules, validating data ingestion, and monitoring system performance.

Compliance and Documentation

  • Assist in maintaining audit trails and logs to support compliance requirements (e.g., data protection regulations).
  • Document configurations, incidents, and processes to ensure operational continuity.
  • Serves as an escalation point for technical issues around security tooling and the Unisys SOC team.

You will be successful in this role if you have:

Key Qualifications

  • 7-10 years in security operations, IT, or a related technical role with exposure to SIEM/SOAR systems.
  • Basic experience in incident response, such as handling alerts or supporting investigations.
  • Foundational knowledge of SIEM/SOAR platforms (e.g., Splunk, Google SecOps, QRadar, Elastic, or similar).
  • Familiarity with log management concepts, including syslog, Windows Event Logs, or API-based data collection.
  • Basic scripting skills (e.g., Python, Grok, Go, JSON) for automation or data processing.
  • Bachelor's Degree in Cybersecurity, Computer Science, Computer Engineering, Information Technology, or similar, or the equivalent hands-on experience combined with training and certifications.
  • Exposure to incident response processes, such as triaging alerts or analyzing logs.
  • Willingness to learn threat detection frameworks (e.g., MITRE ATT&CK).
  • Familiarity with security issues associated with cloud environments, preferably with AWS or Azure.
  • Strong problem-solving skills and attention to detail.
  • Ability to work collaboratively with multiple teams and follow senior engineer guidance.
  • Good communication skills to document findings and report to stakeholders.

Preferred Qualifications

  • Exposure to Cribl, Splunk, or Google SecOps (Chronicle), with a willingness to learn these tools.
  • Basic understanding of log routing, filtering, or transformation concepts.
  • Experience with basic forensic analysis or playbook execution in a SOAR platform.
  • Entry-level certifications (e.g., CompTIA Security+, Splunk Fundamentals, GIAC Security Essentials) are a plus.

Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.

This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers. If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at GlobalRecruiting@unisys.com or alternatively Toll Free: 888-560-1782 (Prompt 4). US job seekers can find more information about Unisys


