SIEM Architect

At Securonix, we're on a mission to secure the world by staying ahead of cyber threats, reinforcing all layers of our platform with AI capabilities. Our Securonix Unified Defense SIEM provides organizations with the first and only AI-Reinforced solution built with a cybersecurity mesh architecture on a highly scalable data cloud. Enhanced by Securonix EON's AI capabilities, our innovative cloud-native solution delivers a seamless CyberOps experience, empowering organizations to scale their security operations and keep up with evolving threats. 

Recognized as a five-time leader in the Gartner Magic Quadrant for SIEM and highly rated on Gartner Peer Insights, our award-winning Unified Defense SIEM provides organizations with 365 days of 'hot' data for rapid search and investigation, threat content-as-a-service, proactive defense through continuous peer and partner collaboration, and a fully integrated Threat Detection, Investigation, and Response (TDIR) experience—all within a single platform. Built on a cloud-native architecture, the platform leverages the Snowflake Data Cloud for unparalleled scalability and performance.

Securonix is proud to be a cybersecurity unicorn and featured in CRN's 2024 Security 100 list. Backed by Vista Equity Partners, one of the largest private equity firms with over $100 billion in assets under management, we have a unique advantage in driving innovation and growth. With a global footprint, we serve more than 1,000 customers
worldwide, including 10% of the Fortune 100. Our network of 150+ partners and Managed Security Service Providers (MSSPs) enables us to deliver unmatched security solutions on a global scale.

At Securonix, we are driven by our core values and place our people at the heart of everything we do:

• Winning as One Team: We work together with universal respect to achieve aligned outcomes
• Customer Driven Innovation: We innovate to stay ahead of the market and create value for our customers
• Agility in Action: We embrace change and are unified in our purpose and objectives amidst change

Join us as we redefine cybersecurity, innovate fearlessly, and grow together as one team.

Role Summary:

The SIEM Architect position is an integral part of our Professional Services team. In this role, you will work with our customers , supporting our mission to help them quickly and completely adopt our Security Operating Platform, leaving them more secure. This is a highly technical, hands-on role that will focus on architecting, planning, implementing, and operationalizing the SIEM platform. The ideal candidate will have a demonstrated understanding of information security and networking and extensive experience interacting with customers. Securonix Next-Gen SIEM and UEBA experience, although desired, is not required, but the candidate must have SIEM and SOAR software expertise and be willing to train on the Securonix platform and products.

Primary Responsibility:

• Lead end-to-end SIEM implementation or integrations in a customer environment.
• Understand customer business requirements and the threat landscape applicable to their industry's vertical sector to develop tailored use cases for security and Incident monitoring.
• Coordinate with customers to deploy collectors and agents in the on-premises network for data collection and forwarding.
• Work with customers to design and implement secure data flow into the Securonix cloud, following industry-standard best practices.
• Coordinate with service delivery managers, management, engineering, maintenance, and operational support teams to ensure timely delivery.
• Develop content, use cases, data models, dashboards, and connectors to support custom user requirements.
• Troubleshooting end-to-end network and infrastructure issues during data onboarding.
• Deploy and integrate the Securonix SOAR solution with the customer infrastructure for response orchestration.
• Engage with customers and internal product development teams to gather user requirements, suggest new product features, and help improve existing ones.
• Training and enabling customers and partners for successful adoption.

Minimum Requirements:

• 8+ years of experience in information security and SIEM field.
• Strong understanding of SIEM solutions such as Splunk, Qradar, ArcSight, Logrhythm and Exabeam.
• Experience deploying SIEM acorss multiple customers.
• Good understanding of MITRE ATT&CK matrices, kill chains and other attack models.
• Strong communication skills and customer facing experience.
• Strong knowledge of scripting languages such as Python, Powershell.
• Industry certifications such as CISSP, CISM

Preferred:

• BS in Computer Science, Information Systems, CyberSecurity
• 3-4+ years of experience in UEBA deployment
• Working knowledge of Machine learning in cybersecurity
• Working knowledge of cloud technologies such as Amazon, Azure and Google
• Good understanding of log collection methodologies and aggregation techniques such as Syslog-NG, syslog,  Nxlog, Windows Event Forwarding
• Good understanding of Hadoop ecosystem and Apache technologies.
• Experience integrating endpoint security and host-based intrusion detection solutions
• Experience with network forensics and toolsets such as Wireshark, PCAP, tcpdump

Benefits: 

As a full-time employee with Securonix, you will be eligible for the following employee benefits:

• Health Insurance with a total sum insured is INR 7,50,000
• Coverage: Self, Spouse, 2 kids, Dependent parents, or parents-in-law
• Personal Accident with total sum insured is INR 10,00,000
• Term Life Insurance with a sum assured for employees is 5 times fixed base pay is covered.

Securonix provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state and local laws. Securonix complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, and transfer, leaves of absence, compensation and training.

Securonix expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, national origin, age, genetic information, disability or veteran status. Improper interference with the ability of Securonix employees to perform their expected job duties is absolutely not tolerated.

Headhunters and recruitment agencies may not submit candidates through this application. Securonix does not accept unsolicited headhunter and agency submissions for candidates and will not pay fees to any third-party agency without a prior agreement with Securonix.