Serve as the primary implementer for the new SIEM solution, configuring data ingestion and tuning the platform for optimal performance
Own the security observability platform on Grafana (Loki/LogQL, Prometheus/PromQL, Grafana Alerting; OTel for collection), including onboarding sources, parsing, enrichment, and alert routing
Own the "Content Engineering" lifecycle: Write, test, and tune detection rules and queries (LogQL, PromQL, SPL, KQL, SQL, etc.) to identify malicious activity with low false-positive rates
Partner with the Engineering team to ensure the new observability platform captures the right security telemetry and logs
Serve as the primary operator for security monitoring and initial incident triage, participating in the on-call rotation

Requirements

5-7 years of total experience in Information Security or Security Operations
Proven experience transitioning from a "consumer" of alerts (Analyst) to a "builder" of detections (Engineer)
Demonstrated experience working with SIEM/observability platforms (Grafana/Loki preferred; Splunk/Elastic/Sentinel/Datadog acceptable), specifically in creating dashboards, reports, and writing complex queries
Experience working with Managed Detection and Response (MDR) providers or MSSPs is highly preferred
Background in partnering with DevOps or Engineering teams on logging or observability initiatives is a plus
Bachelor’s degree in Computer Science, Information Security, or a related field or equivalent work experience
Industry certifications such as GCIH, GCIA, GCED, GMON, Security+, CySA+ or related are highly desirable

Benefits

Employees can expect a robust benefits package, including health and dental and 401k with company match
Find your perfect work/life balance with our Flexible Time Off policy or generous PTO plan (role dependent) and paid holidays
Up to 4 weeks paid bonding leave
Tuition reimbursement
Robust Employee Assistance Program through TotalCare offering free counseling 24/7/365, plus financial counseling, legal guidance, adoption assistance services and much more!
24/7 access to virtual medical care with Teladoc
Quarterly awards based on peer nominations
Regional discounts and perks
Opportunities to participate in charitable events and give back to the community

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

SIEMGrafanaLokiLogQLPrometheusPromQLSPLKQLSQLdetection rules

Soft Skills

collaborationincident triageproblem-solvingcommunicationanalytical thinking

Certifications

GCIHGCIAGCEDGMONSecurity+CySA+