SIEM Specialist

About the role
We are seeking an experienced SIEM Specialist with 5+ years of hands-on cybersecurity experience to design, implement, manage, and optimize Security Information and Event Management (SIEM) platforms. The ideal candidate will play a key role in strengthening the organization’s security posture by delivering advanced threat detection, incident response support, and continuous monitoring capabilities.

What you will do:

• Deploy, configure, and manage SIEM platforms (e.g., Splunk, IBM QRadar, Microsoft Sentinel, Elastic SIEM)
• Develop fine-tune correlation rules, detection logic, and alerting mechanisms
• Monitor security events, investigate alerts, and support incident response activities
• Perform log ingestion onboarding from diverse sources (network devices, endpoints, cloud platforms, applications)
• Build dashboards, reports, and visualizations for security operations and leadership
• Conduct threat hunting activities using SIEM data and external intelligence feeds
• Collaborate with SOC analysts, incident responders, and security engineers to improve detection coverage
• Maintain SIEM health, performance tuning, and storage optimization
• Integrate SIEM with SOAR tools, threat intelligence platforms, and vulnerability management systems
• Ensure compliance with security frameworks such as NIST, ISO 27001, SOC 2, or HIPAA (as applicable)
• Document procedures, playbooks, and detection engineering standards

What you bring:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience)
• 5+ years of experience in SIEM administration, security operations, or SOC environments
• Strong hands-on experience with at least one major SIEM platform (Splunk, QRadar, Sentinel, Elastic, etc.)
• Solid understanding of log formats, parsing, normalization, and data onboarding
• Experience with threat detection engineering and rule development
• Knowledge of TCP/IP networking, firewalls, IDS/IPS, VPNs, and cloud security (AWS, Azure, or GCP)
• Familiarity with MITRE ATT&CK framework and threat modeling
• Experience supporting incident response and digital forensics investigations

Nice if you have:

• Experience with SOAR platforms (e.g., Cortex XSOAR, Splunk SOAR)
• Scripting ability in Python, PowerShell, or Bash
• Knowledge of cloud-native logging (AWS CloudTrail, Azure Monitor, GCP Logging)
• Certifications such as: o CISSP o CISM o Splunk Certified Architect / Admin o Microsoft SC-200
• Strong analytical, troubleshooting, and communication skills
  
  Soft Skills
• Strong attention to detail and analytical thinking
• Ability to work under pressure in high-severity incident environments
• Excellent communication skills for both technical and non-technical stakeholders
• Team-oriented with a proactive mindset toward continuous improvement

Equal Opportunity Employer:

AspenView is proud to be an equal opportunity employer. We believe in creating an environment where all employees feel welcome, valued, and empowered to succeed. We celebrate diversity and strive to build a culture of inclusion where all individuals, regardless of their race, color, gender, gender identity or expression, sexual orientation, disability, age, or any other characteristic, can thrive. We encourage applicants from all walks of life to join our team and make a lasting impact.