Senior SIEM Engineer

Job not on LinkedIn

October 21

🏄 California – Remote

Although this job is listed in California, this company may be open to hiring remote in other states.

⏰ Full Time

🟠 Senior

👷🏻‍♀️ Engineer

Apply Now

Receive Emails with Similar Jobs

Keeper Security, Inc.

WebsiteLinkedInAll Job Openings

Cybersecurity • Enterprise • SaaS

Keeper Security, Inc. is a leading cybersecurity company known for its comprehensive and AI-enabled platform designed to protect individuals and enterprises from data breaches and ransomware. Their wide array of products includes a password manager, privileged access manager, secrets manager, and remote browser isolation services, among others. They focus on zero-trust security models, offering solutions for password management, secrets management, secure remote access, and compliance. The company serves a global clientele, safeguarding millions of users, and is recognized for its strength and cost-efficiency in password and secrets management solutions.

201 - 500 employees

Founded 2011

🔒 Cybersecurity

🏢 Enterprise

☁️ SaaS

📋 Description

• Architect, deploy, and maintain a scalable, multi-tenant SIEM platform for security and operational use cases • Design and manage data ingestion pipelines from diverse sources, including infrastructure, cloud services, SaaS, and endpoints • Build and maintain integrations with enterprise tools such as EDR, SOAR, ITSM, CRM, and CI/CD systems • Develop automation for log collection, normalization, enrichment, and correlation • Tune and optimize correlation rules, dashboards, and detections to maximize context and minimize noise • Partner with Security and SOC teams to enhance threat detection, incident response, and forensic capabilities • Collaborate with DevOps, Engineering, and NOC teams to improve performance monitoring, uptime, and observability • Support IT and Helpdesk with visibility into authentication, endpoint, and user activity data • Enable Sales and Customer Success with security posture metrics and operational reporting • Ensure SIEM architecture supports audit, compliance, and risk frameworks such as SOC 2, ISO 27001, HIPAA, and PCI DSS • Define and enforce data retention, access control, and classification policies • Mentor junior engineers and analysts on detection engineering and observability best practices • Promote adoption of the SIEM platform as a shared service across all departments

🎯 Requirements

• 6+ years of experience in cybersecurity, IT operations, or DevOps, with at least 3 years administering or architecting SIEM platforms • Deep understanding of log management, correlation, and alerting principles • Hands-on experience with one or more enterprise SIEMs — Splunk, Microsoft Sentinel, Elastic, Exabeam, QRadar, or DataDog • Strong scripting and automation skills using Python, PowerShell, or REST APIs • Familiarity with modern cloud and container platforms (AWS, Azure, GCP) • Ability to work cross-functionally and translate operational data into actionable insights • Excellent problem-solving, communication, and documentation skills • Preferred Qualifications • Certifications such as Splunk Certified Architect, Microsoft Sentinel Engineer, GIAC GCDA/GCIH, or AWS Security Specialty • Experience building shared data pipelines and multi-tenant dashboards • Exposure to business data integration (CRM, ticketing, or SaaS telemetry) • Background in automation, observability, or detection content development • Bachelor’s degree in Computer Science, Cybersecurity, or related field, or equivalent experience

🏖️ Benefits

• Medical, Dental & Vision (inclusive of domestic partnerships) • Employer Paid Life Insurance & Employee/Spouse/Child Supplemental life • Voluntary Short/Long Term Disability Insurance • 401K (Roth/Traditional) • A generous PTO plan that celebrates your commitment and seniority (including paid Bereavement/Jury Duty, etc) • Above market annual bonuses