
Senior SIEM Architect/SME
Dragonfli Group
full-time
Location Type: Remote
Location: United States
About the role
- Lead all current state analysis: ingest volume baseline, use case library maturity audit, XDR/SIEM convergence analysis, data lake evaluation, DLP posture assessment, and retention gap analysis
- Populate and validate a proprietary multi-vendor SIEM scoring dashboard using actual client contract and usage data
- Build a 3-year total cost of ownership model across five vendor platforms
- Produce the following deliverables under the direction of the Engagement Lead: Current State Findings Summary, Vendor Recommendation Report, Target State Architecture Overview, SIEM Assessment Dashboard, Phase 2 Roadmap Framework
- Participate in and provide technical defense during two client-facing working sessions (90 min each, video call)
- Mentor a junior Cybersecurity Engineer Analyst on the team throughout the engagement
- Work directly alongside the Dragonfli Engagement Lead (CEO) on all client interactions
Requirements
- 7+ years of hands-on SIEM experience — architecture, deployment, and ongoing operations
- Deep platform expertise in at least two of: Splunk (Enterprise or Cloud), Microsoft Sentinel, Rapid7 InsightIDR
- Experience evaluating SIEM platforms in an enterprise environment — vendor scoring, cost modeling, architecture trade-off analysis
- Ability to produce client-ready written deliverables: findings summaries, recommendation reports, architecture overviews
- Comfortable presenting and defending technical analysis in front of a client security team
- Experience working independently on tight timelines with minimal oversight
- Ability to mentor and develop a junior team member
- Preferred: Experience with SentinelOne Singularity or comparable XDR/data lake platforms
- Background in regulated industries: financial services, legal, healthcare, or federal government
- Familiarity with Cribl Stream or data routing/tiering architectures
- CISSP, GCTI, Splunk Certified Architect, or comparable certification
Benefits
- Paid time off
- Professional development opportunities
Applicant Tracking System Keywords
Hard Skills & Tools
SIEM, architecture, deployment, operations, vendor scoring, cost modeling, architecture trade-off analysis, data routing, data lake evaluation, DLP posture assessment
Soft Skills
mentoring, client interaction, technical defense, independent work, presentation skills, written communication, time management, team collaboration, analytical thinking, problem-solving
Certifications
CISSP, GCTI, Splunk Certified Architect