Tech Stack
Tools & technologies: Cloud, Splunk
About the role
Key responsibilities & impact
- Define overall NG SIEM and SOAR strategy, roadmap, and architecture.
- Govern onboarding, ingestion structures, and quality standards using Cribl, cloud-native pipelines, and routing rules.
- Establish Fusion correlation strategy—priority rule sets, enrichment patterns, MITRE coverage, noise control.
- Lead the enterprise Case Management program (workflow, SLA, severity model, automation).
- Own SOAR strategy—automation roadmap, playbook standards, orchestration framework, KPIs.
- Partner with IR, Threat Hunting, CTI, Cloud Security, and Network teams to design multi-layer detection logic.
- Review and approve critical detection content, correlation logic, and data models.
- Oversee ingestion performance, retention, licensing, and cost optimization.
- Manage a team of Staff, Senior Engineers, and Automation Engineers.
- Present metrics and maturity dashboards to leadership: ingestion health, correlation performance, case SLA adherence, automation success rate.
- Drive continuous improvement, runbooks, SOPs, and audit readiness.
- Experience or exposure to AI-powered SOC features such as Charlotte AI, Sentinel Copilot.
- Ability to leverage AI assistants for query generation (SPL/KQL/CQL), alert summarization, detection tuning, and workflow optimization.
- Familiarity with exploring AI capabilities in SOAR platforms (Fusion, Sentinel, Splunk SOAR) to automate enrichment, case resolution, and noise reduction.
Requirements
What you'll need
- 7+ years in SIEM/SOAR, detection engineering, or security analytics.
- Expertise in Fusion-like correlation engines, case management frameworks, and SOAR automation.
- Strong background in security architecture, data modeling, and cross-platform integrations.
- Experience managing teams and multi-stakeholder programs.
- Deep hands-on knowledge of Cribl, cloud-native pipelines, Falcon NGSIEM, Sentinel, ADX, Splunk, LogScale.
- Strong communication and executive presentation skills.
Benefits
Comp & perks
- Competitive salary
- Remote work options
ATS Keywords
Hard Skills & Tools
Detection Engineering, Data Modeling, Automation Roadmap, Multi-Stakeholder Program Management, Cloud-Native Pipelines, Correlation Logic, AI-Powered SOC Features, Query Generation (SPL/KQL/CQL), Case Management Frameworks, Orchestration Framework
Soft Skills
Strong Communication, Executive Presentation Skills
