SIEM Engineering Manager

Company ProfileOur client is a global IT services company that helps businesses with digital transformation with offices in India and the United States. It helps businesses with digital transformation, provide IT collaborations and uses technology, innovation, and enterprise to have a positive impact on the world of business.With expertise is in the fields of Data, IoT, AI, Cloud Infrastructure and SAP, it helps accelerate digital transformation through key practice areas - IT staffing on demand, innovation and growth by focusing on cost and problem solving.Location & work – Noida, IndiaEmployment Type - Full TimeProfile – SIEM Engineering ManagerPreferred experience - 10+ YearsThe Role:As a SIEM Engineering Manager, you will be responsible for the t echnical direction, operational governance, and delivery assurance of SIEM and SOAR platforms.This position leads engineering, automation, and AI-driven transformation initiatives to build a self-driving, SLA-based, AI-augmented SOC. The role involves team leadership, platform scalability, automation development, AI integration, documentation oversight, and governance engagement with client stakeholder.Responsibilities:·        Lead cross-functional teams: SIEM Engineers, SOAR Developers, Automation Leads, Content Writers, and GenAI Developers.·        Define and track engineering delivery KPIs, SLAs, and transformation milestones.·        Ensure 24x7 engineering support readiness with L3-level coverage, including weekends.·        Drive continuous improvement, innovation, and engineering excellence.·        Govern ingestion pipelines, data normalization, correlation rules, and detection logic.·        Ensure alignment with threat models, compliance requirements, and security standards.·        Oversee platform health, performance tuning, and scalability planning.·        Integrate SIEM with XDR, DLP, EDR, and identity security tools.·        Direct development of playbooks in Azure Logic Apps and other SOAR platforms.·        Collaborate with Automation Leads to drive hyper-automation and reduce MTTR.·        Ensure playbooks are modular, scalable, and aligned with IR procedures.·        Promote KQL-based automation and Copilot (AI) usage for Smart L2 operations.·        Guide GenAI Developers in embedding AI agents into SOC workflows.·        Support predictive analytics, RCA automation, incident summarization, and LLM-based enhancements.·        Oversee Content Writers in documenting use cases, playbooks, and detection logic.·        Ensure engineering documentation, traceability, and audit readiness.Must-Have Qualifications:●      Bachelor’s degree in Computer Science, Information Technology, Engineering, or a related field.●      Minimum 10+ years of Cyber security experience with SIEM engineering leadership.●      Strong expertise in Microsoft Sentinel, Azure Logic Apps, Defender XDR, and enterprise SIEM tools.●      Hands-on experience with log ingestion pipelines, correlation logic, and detection engineering.●      Strong hands-on experience with SOAR platforms and playbook development (Azure Logic Apps or equivalent).●      Strong scripting skills in KQL, PowerShell, Python for automation and workflow optimization.●      L3-level troubleshooting capability and 24x7 operations exposure.●      Proven experience in building automation workflows (SOAR) and reducing MTTR.●      Experience with AI/ML use cases related to SOC modernization (GenAI, automation, LLMs).●      Strong understanding of security architecture, threat models, and data protection standards.●      Experience in leading large SOC/SIEM engineering teams.●      Expertise with DLP, EDR, and XDR integrations (Defender, CrowdStrike, etc.).Preferred Qualifications:·        Excellent leadership, communication, and stakeholder management skills.·         Certifications such as AZ-500, SC-100, GCIA, GDSA, CISSP, CCSP, or Azure Security Certifications·        Background in delivering MBRs/QBRs and driving cyber security transformation initiativesApplication MethodApply online on this portal or on email at