Serve as the primary technical point of contact for the SIEM platform.
Manage vendor relationships, including coordinating new feature enablement, tracking bugs, and holding the vendor accountable for system stability and availability.
Enforce a rigorous "safe change" process to achieve "zero manual changes" by routing all administrative actions through auditable, internal processes.
Act as the "ultimate gatekeeper for the quality of data" within the SIEM.
Define and enforce strict SIEM ingestion requirements, including format and enrichment processes, to ensure high-quality, structured, and contextualized log data.
Oversee the availability and performance of the vendor SAAS platform, with a target uptime of 99.9%.
Build and maintain supporting services to monitor and alert on key metrics, including end-to-end log ingestion pipeline health, data freshness (targeting a maximum 5-minute latency), data ingestion rate, and deviation from ingestion time.
Develop and implement services to automate platform changes and streamline processes, moving away from fragmented, manual tasks and over-reliance on "tribal knowledge".
Manage the full lifecycle of new feature enablement, from proof of concept and validation to controlled rollout.
Lead the team in making key architectural decisions and participate in design reviews to ensure that technical solutions are not only robust but also scalable for future growth.

Requirements

Proven experience in a senior technical role (e.g., LMTS) managing and operating security platforms in a large-scale enterprise environment.
Deep expertise with SIEM solutions, including direct, hands-on experience with CrowdStrike, Splunk, or Google Chronicle.
Strong understanding of data pipelines, including log ingestion from various sources (APIs, SQS, S3, SaaS platforms).
Experience with building observability services and monitoring key platform health metrics.
Demonstrated ability to drive change and automate processes, reducing manual effort and improving operational efficiency.
Experience with user access management and RBAC, particularly with SCIM-based access control.
Excellent problem-solving, communication, and collaboration skills.
The ability to work effectively with cross-functional teams and external vendors is essential.

Benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

SIEM solutionsCrowdStrikeSplunkGoogle Chronicledata pipelineslog ingestionobservability servicesuser access managementRBACSCIM-based access control

Soft Skills

problem-solvingcommunicationcollaborationdriving changeoperational efficiency