Lead Security Systems Engineer

RESPONSIBILITIES
- SIEM Deployment & Configuration: Lead the design, deployment, and configuration of SIEM solutions, ensuring seamless integration with various security tools, systems, and log sources
- SIEM Migration: Plan and execute SIEM migration projects, including data transfer, log source integration, rule/alert migration, and configuration tuning
- Use Case Development: Develop, customize, and fine-tune SIEM use cases, correlation rules, dashboards, and reports to effectively detect threats and suspicious activities
- Incident Response Support: Collaborate with the SOC (Security Operations Center) team to support further use case creation and finetuning following SOC team requirements
- Performance Optimization: Regularly review and optimize SIEM performance to ensure efficient log collection, storage, processing, and alerting
- Documentation & Reporting: Maintain comprehensive documentation for SIEM configurations, integrations, and migration processes, providing regular reports on SIEM performance
- Training & Knowledge Sharing: Train and mentor junior security engineers and SOC analysts on SIEM use, best practices, and troubleshooting
- Collaboration: Work closely with IT, security, and network teams to ensure the SIEM platform aligns with security strategies and goals

**REQUIREMENTS**:

- At least 8 years of experience in Cyber Security. Most of which specialized in engineering SIEM solutions and working in a SOC
- Expertise in SIEM engineering and architecture, with a focus on at least Splunk or any other leading SIEM solutions like Microsoft Sentinel, QRadar, ArcSight, LogRythm
- Experience in managing the full delivery lifecycle for SIEM enhancements and automation including working on converged SIEM solutions that include SOAR and XDR solutions within it
- Proficiency in integrating log sources and developing correlation rules, alerts, and dashboards
- Experience working in cloud environments (AWS, Azure, GCP) and integrating cloud logs into SIEM solutions
- Understanding security frameworks (MITRE ATT&CK, NIST) and basic knowledge of regulatory compliance (GDPR, PCI-DSS)
- Knowledge of network protocols, firewalls, IDS/IPS, endpoint security, and threat intelligence
- The ability to understand the client’s needs, their specific security challenges, and the regulatory landscape to provide tailored solutions
- Should effectively communicate complex technical concepts to clients, build trust, and establish strong relationships
- Ability to manage stakeholders at various levels, from technical staff to senior executives
- Ability to work effectively with teams from different departments within large organizations and enterprises
- Skill in facilitating discussions, resolving conflicts, and building consensus among stakeholders with diverse perspectives
- Ability to make informed decisions based on evidence

WE OFFER
- Career plan and real growth opportunities
- Unlimited access to LinkedIn learning solutions
- International Mobility Plan within 25 countries
- Constant training, mentoring, online corporate courses, eLearning and more
- English classes with a certified teacher
- Support for employee’s initiatives (Algorithms club, toastmasters, agile club and more)
- Enjoyable working environment (Gaming room, napping area, amenities, events, sport teams and more)
- Flexible work schedule and dress code
- Collaborate in a multicultural environment and share best practices from around the globe
- Hired directly by EPAM & 100% under payroll
- Law benefits (IMSS, INFONAVIT, 25% vacation bonus)
- Major medical expenses insurance: Life, Major medical expenses with dental & visual coverage (for the employee and direct family members)
- 13 % employee savings fund, capped to the law limit
- Grocery coupons
- 30 days December bonus
- Employee Stock Purchase Plan
- 12 vacations days plus 4 floating days
- Official Mexican holidays, plus 5 extra holidays (Maundry Thursday and Friday, November 2nd, December 24th & 31st)
- Monthly non-taxable amount for the electricity and internet bills