
Senior Engineer – SIEM Platform Engineering, Operations
Bank of America
full-time
Location Type: Hybrid
Location: Denver • Colorado • North Carolina • United States
Salary: $150,000 - $190,700 per year
About the role
- Engineer, monitor, and maintain the operational health and resiliency of SIEM platforms including Splunk Enterprise/Cloud and Microsoft Sentinel
- Implement SIEM platform resiliency controls including cluster monitoring, ingestion latency tracking, and workload distribution optimizations
- Monitor, maintain, and troubleshoot the data ingestion pipeline including Kafka clusters, Cribl pipelines, Splunk Forwarders, and Sentinel connectors
- Develop dashboards for pipeline throughput, message lag, schema drift, and end-to-end data quality validation
- Manage and enforce data SLIs/SLOs across freshness, completeness, correctness, and availability
- Ensure proper CIM/OCSF/CEF normalization and enrichment for all security-relevant data sources
- Oversee the Anvilogic content management platform including rule execution health, version control, and analytics dependency monitoring
- Develop unified observability dashboards covering SIEM platform state, ingestion health, detection pipeline execution, and analytic reliability
- Serve as escalation point for SIEM data outages, ingestion failures, analytic misfires, and platform degradations
- Collaborate with operational and engineering teams to design and enhance security detections, analytics, and proactive defenses
- Write, optimize, and maintain SPL, KQL, and other query languages to support analytics, threat detection, and investigations
- Support Model Risk Management (MRM) efforts to describe AI or ML Models in use by any of our SIEM Technologies
Requirements
- 6+ years of experience in Security Operations, SIEM Engineering, Detection Engineering, Incident Response, or related enterprise disciplines
- Hands-on experience with Splunk Enterprise/Cloud and Microsoft Sentinel in large-scale environments
- Experience with Kafka, Cribl, Databricks, Hadoop, Python, SQL, Pandas, Spark, or similar data platforms
- Experience mapping log sources into structured models such as CIM, OCSF, CEF
- Ability to troubleshoot complex SIEM ingestion, data quality, and infrastructure performance issues
- Experience with EDR, SIEM, SOAR, and other enterprise-scale cybersecurity tools
- Ability to manage competing priorities, drive consensus, and deliver results across distributed teams
Benefits
- Employees are eligible for an annual discretionary award based on performance
- Industry-leading benefits
- Access to paid time off
- Resources and support to make a genuine impact
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
SIEM engineering, data ingestion pipeline, SPL, KQL, Python, SQL, Pandas, Spark, Kafka, Cribl
Soft Skills
troubleshooting, managing competing priorities, driving consensus, delivering results