SIEM Integration Architect
6 days ago
**What success looks like in this role**:
- Lead the **integration of alarm/data feeds from multiple SIEM platforms** (e.g., Splunk, LogRhythm, Securonix) into Microsoft Sentinel.
- Configure and manage **Cribl pipelines** to collect, filter, transform, and enrich raw data before forwarding to Sentinel.
- Design and implement **data normalization strategies** to ensure consistent formatting, tagging, and field mapping.
- Build and maintain **data ingestion workflows**, ensuring optimized performance, scalability, and reliability.
- Develop and maintain **custom Sentinel connectors, KQL queries, workbooks, and analytics rules**.
- Implement and tune **SOAR automation playbooks** using Logic Apps or integrated response tools.
- Collaborate with resolver teams (Platform, Application, CloudOps) for end-to-end use case implementation.
- Act as SME for Microsoft Sentinel and Cribl architecture in client-facing and technical forums.
- Troubleshoot integration and ingestion issues across hybrid and cloud-native infrastructures.
- Establish alert pipelines to bring **security alerts/alarms from legacy SIEM tools** into Sentinel for centralized monitoring.
- Ensure data integrity, compliance, and auditability in accordance with customer and regulatory requirements.
- Generate technical documentation, integration standards, and data flow diagrams.
- Provide expert guidance to SOC analysts and security engineers on new use cases and data onboarding.
- Stay updated on current and emerging threats to enhance detection and response capabilities.
**You will be successful in this role if you have**:
- **Required Skills & Experience**:
- **10-15 years of experience** in cybersecurity, with a strong technical background in SIEM tools and security data architecture.
- Proven experience with **Microsoft Sentinel**, including data connectors, KQL, and automation via Logic Apps.
- Hands-on expertise in **Cribl**: stream design, data parsing, enrichment, routing, and performance tuning.
- Experience with **multiple SIEM platforms** (e.g., Splunk, LogRhythm, Securonix) and their alarm/log structures.
- Deep understanding of **SIEM data ingestion models, log collection, and telemetry pipelines**.
- Familiarity with **cloud-native services** (Azure, AWS, GCP) and their logging/integration mechanisms.
- Scripting experience with **Python** and **PowerShell** for integration and automation tasks.
- Ability to troubleshoot complex integration issues involving multiple data sources and tools.
**Key Qualifications**:
- Bachelor’s degree in Computer Science, Information Security, or related field.
- Certifications preferred: **Microsoft SC-200**, **Security+**, **GCIH**, **CEH**, **Cribl Certified Admin**.
- Excellent communication and stakeholder management skills.
- Strong problem-solving mindset and attention to detail.
- Ability to mentor junior staff and lead technical discussions.
Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.