Flexible Work, Better Balance
The Lead SIEM Engineer serves as a senior technical authority supporting a variety of global enterprise information security services for the Chief Information Security Officer. The role focuses on the architecture, engineering, and optimization of three core platforms: Splunk Cloud, Amazon Web Services (AWS), and Cribl.
The Lead SIEM Engineer is the senior technical lead for building, maintaining, and evolving the infrastructure that collects, correlates, and identifies indicators of malicious or inappropriate activity. This individual must manage security‑relevant data to facilitate intrusion detection, log analysis, and incident response at enterprise scale. The role is a primary escalation path for complex events, provides architectural guidance, and shapes the long‑term direction of the SIEM and data ingestion program.