SIEM Application Engineer

United Kingdom · Job Posted January 09, 2026

Job Description

The SIEM Application Engineer is responsible for the design, deployment, management, and optimisation of Security Information and Event Management (SIEM) platforms to enhance threat detection, monitoring, and incident response capabilities across enterprise environments. This role focuses on building and maintaining scalable SIEM solutions—primarily leveraging Elasticsearch-based technologies—to support security operations, regulatory compliance, and continuous improvement of organisational security posture.

Job Responsibility

  • Design and implement SIEM solutions in collaboration with security analysts and architects
  • Develop, optimise, and maintain detection rules, alerts, and dashboards to improve threat visibility
  • Support the full SIEM lifecycle, including development, deployment, and ongoing optimisation
  • Work effectively with cross-functional security and engineering teams
  • Produce clear technical documentation and present solutions to both technical and non-technical stakeholders
  • Develop efficient queries to extract and analyse security events
  • Monitor SIEM platform health and performance, addressing scalability and efficiency issues
  • Optimise data ingestion pipelines and indexing strategies
  • Contribute to security engineering initiatives, platform transitions, and transformation projects
  • Integrate SIEM with security operations and incident response tooling
  • Stay current with emerging threats, attack techniques, and security best practices

Requirements

  • Strong experience configuring and operating SIEM platforms (Elasticsearch-based solutions preferred)
  • Ability to create, test, and optimise detection rules aligned to the MITRE ATT&CK framework
  • Experience improving detection fidelity while reducing false positives
  • Hands-on experience with Elasticsearch query optimisation, indexing, and mappings
  • Performance tuning of Elasticsearch and Logstash pipelines
  • Experience using Kibana for dashboards, visualisations, and operational monitoring
  • Implementation of access controls, authentication, and encryption within SIEM platforms
  • Understanding of security policy, governance, and regulatory frameworks
  • Experience supporting compliance with data protection and security standards
  • Bachelor’s or Master’s degree in Computer Science, Engineering, Information Systems, or a related field (or equivalent experience)
  • 5+ years’ experience delivering cybersecurity or security engineering solutions
  • Broad experience across enterprise security controls such as SIEM, vulnerability management, access management, and monitoring platforms, ideally from both development and operational perspectives

Nice to have

  • Experience with the Elastic Stack (ELK) in enterprise environments
  • Knowledge of offensive security frameworks and adversary techniques
  • Experience with cloud platforms (public or private), containerisation, and orchestration (e.g. Kubernetes)
  • Familiarity with DevOps practices, Git, and CI/CD pipelines
  • Infrastructure-as-Code experience (e.g. Terraform, Ansible)
  • Relevant cybersecurity certifications
  • 3–5+ years’ experience in cybersecurity engineering or delivery roles

Similar Jobs for SIEM Application Engineer

8 matching positions

Network & Security Engineer

Network & Security Engineer role at Hewlett Packard Enterprise focusing on desig...
Location: India, Bangalore
Salary: Not provided
Company: Hewlett Packard Enterprise (https://www.hpe.com/)
Expiration Date: Until further notice

Requirements
  • 4+ years of experience in network and security engineering
  • Strong knowledge of TCP/IP, DNS, DHCP, VPN, and routing protocols
  • Hands-on with firewalls (Palo Alto, Fortinet, Check Point), load balancers (F5, HAProxy)
  • Experience with SIEM/SOAR platforms and log monitoring tools
  • Familiarity with cloud networking (AWS, Azure, GCP)
  • Scripting/automation knowledge (Python, Bash, Ansible) is an advantage
  • Bachelor's degree in Computer Science, IT, Networking, or related field
  • Preferred certifications: CCNA/CCNP/CCSP, Fortinet NSE/Palo Alto PCNSE, Cloud networking/security certifications (AWS, Azure, GCP)
Job Responsibility
  • Configure and manage LAN, WAN, VPN, and firewall environments
  • Maintain routing, switching, and load balancing for enterprise networks
  • Troubleshoot network performance issues and optimize throughput
  • Manage firewalls, IDS/IPS, WAF, and network security appliances
  • Implement and monitor network access controls, RBAC, and Zero Trust policies
  • Support vulnerability scanning, patching, and remediation activities
  • Configure and secure cloud networking services (AWS VPC, Azure VNets, GCP VPC)
  • Apply security groups, NACLs, and micro-segmentation in cloud-native platforms
  • Integrate on-premises and cloud networks securely
  • Monitor network traffic for anomalies and potential threats
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • Fulltime

Security Engineer II

The Security Engineer II is an individual contributor who will participate and m...
Location: United States, Fountain Valley
Salary: 83940.00 - 120032.00 USD / Year
Company: Hyundai AutoEver America (haeaus.com)
Expiration Date: Until further notice

Requirements
  • Bachelor’s Degree in Computer Science, Information Systems, or related field, or equivalent experience
  • Minimum 3 years of IT relevant experience or equivalent combination of experience plus at least 1 year of experience performing Security Engineering/Planning/Operations, preferably with SIEM or vulnerability management
  • Experience in medium to complex computing environments, with advanced knowledge in security technologies and services
  • Hands-on experience with at least two or more of the following Enterprise Security Technologies: Network Intrusion Prevention/Detection; Virtual Private Networks (SSL, IPSec, and Site-to-Site); Enterprise-Class Stateful Inspection Firewalls; Network Access Controls in the context of Identity Management; Windows Server OS & Desktop OS; Network Packet Inspection
Job Responsibility
  • Design, build, test, and deploy new security technologies, which include the development of the operational manual and run books
  • Provides technical security operations engineering services to support and update existing security systems and works to automate processes related to security implementations, monitoring, and enforcement
  • Investigates, recommends, evaluates, deploys, and integrates operational security tools (e.g., SIEM, vulnerability scanning) and techniques to enhance protection of corporate assets and infrastructure
  • Participate in technical risk assessments and security exposure analyses of systems, networks, and business applications
  • Analyzes network security elements and overall network security architectural designs to ensure secure and optimal system and network performance and cost-effectiveness
  • Oversees the installation, configuration, and supportive processes of security technologies
  • Participate in or lead the Incident Response activities
  • Interacts with internal and external clients on security operations requirements, identifies security processes, and develops strategies/solutions to security issues
  • Keeps fully abreast of trends and changing technologies as they relate to IT, Network Engineering, and Information Security fields
  • Lead or assist in periodic or ad-hoc security reports that provide relevant situational awareness to our senior stakeholders
  • Fulltime

Cyber Security Engineer

We are looking for someone dynamic who can quickly adapt to new challenges and f...
Location: Portugal, Lisbon
Salary: Not provided
Company: Miniclip (miniclip.com)
Expiration Date: Until further notice

Requirements
  • Minimum of 1 year of experience in SOC or similar cybersecurity role with exposure to advanced threat detection and analysis
  • Background in Computer Science, Information Technology, or a related field
  • Proficiency in SIEM platforms (e.g., Sentinel, Splunk, QRadar) and writing custom correlation rules
  • Hands-on experience conducting technical software security risk assessments, vulnerability assessments in web and/or mobile applications, and physical and wireless penetration testing
  • Document and report incidents/assessments/findings
  • Understanding of cybersecurity standards and frameworks (e.g., ISO27001, NIST, NIS2, OWASP)
  • Availability for work outside of regular hours on short notice to handle emergencies
  • A social and hard-working candidate who thrives in a team environment and is passionate about their work
  • Solid understanding of cyber security best practices and frameworks
Job Responsibility
  • Incident handling: Identifying, triaging, and investigating potential security incidents
  • Systems Administration: Understanding system internals and implementing effective countermeasures and remediation strategies on different operating systems
  • Computer Forensic Analysis: Possessing a background in utilizing diverse forensic analysis tools during incident response investigations to assess the scope and depth of compromise
  • Vulnerability Assessment: Review and validate vulnerability reports collected by our systems working closely with cross-functional core/development teams to prioritize and facilitate the remediation of identified vulnerabilities in a timely manner
  • Reporting and documentation: Develop and maintain accurate records of all the incidents, vulnerability reports, assessments, remediation efforts, ensuring clear documentation of findings and resolutions
  • Awareness: Promote security awareness within the organization by conducting training sessions, sharing insights on emerging threats, and fostering a culture of security consciousness
  • Threat Hunting: Performing proactive threat hunting across the group
  • Physical Security: Availability to travel through our different studios to identify physical vulnerabilities and propose remediation measures

Security Engineer II

PagerDuty is seeking an Enterprise Security Engineer to join its global IT Opera...
Location: Canada, Toronto
Salary: 122000.00 - 185000.00 CAD / Year
Company: PagerDuty (https://www.pagerduty.com)
Expiration Date: Until further notice

Requirements
  • At least 3 years of experience in the information security industry, with 2+ years in network security or zero-trust, and 2+ years in security architecture or solution experience
  • Knowledge of Information Security concepts, especially in the areas of security threats, analyzing security logs and driving Incident response
  • Knowledge and practical experience in network security and zero-trust
  • Understanding of the IAM cybersecurity landscape, including identity stores, authentication/authorization, strong authentication, and privileged access management capabilities and methodologies
  • Understanding of security technologies and concepts, including SIEM, MDR/XDR, EDR and vulnerability management
  • Understanding of security best practices and frameworks (e.g., MITRE ATT&CK, NIST Cybersecurity Framework)
  • Knowledge of incident response processes
Job Responsibility
  • Partner closely with CISO organization to design and implement enterprise IT security architectures and solutions
  • Tracking the evolution of cutting-edge security technologies, and keeping up to date of the latest security threats and trends
  • Focus on enterprise security and zero-trust technology, serving as the principal technical expert in this area within the Enterprise Security department
  • Monitors security alerts and leads the team in identifying and responding to security threats
  • Monitors systems for vulnerabilities, provides prioritization, and drives remediation efforts
  • Working cross-functionally to triage suspicious activity and drive remediation (performing L2-L3 duties as needed)
  • Analyzing threat intelligence feeds to develop metrics, alerts, and techniques to protect against new and emerging attack vectors
  • Develop metrics, thresholds, alerts, dashboards, and incident response playbooks
  • Drive the design and development of automated security response and maintenance solutions
  • Oversee our workstation vulnerability management & endpoint compliance program
What we offer
  • Competitive salary
  • Comprehensive benefits package
  • Flexible work arrangements
  • Company equity
  • ESPP (Employee Stock Purchase Program)
  • Retirement or pension plan
  • Generous paid vacation time
  • Paid holidays and sick leave
  • Dutonian Wellness Days & HibernationDuty - companywide paid days off in addition to PTO
  • Paid parental leave: 22 weeks for pregnant parent, 12 weeks for non-pregnant parent
  • Fulltime

Senior Information Security Engineer

Serve as a technical leader in our Security team reporting to our Information Se...
Location: United States, Boston
Salary: 150000.00 - 190000.00 USD / Year
Company: Whoop (whoop.com)
Expiration Date: Until further notice

Requirements
  • Bachelor’s degree in Computer Science, Information Security, or a related technical field and/or advanced certifications (CISSP, CISM, AWS Security Specialty, SANS, etc.)
  • 8+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity
  • Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG)
  • Experience securing AI/ML systems or APIs, including governance of third-party AI integrations and organizational use of AI tools
  • Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems
  • Hands-on experience with application security tooling (SAST, SCA, DAST) and embedding secure development practices
  • Demonstrated leadership in security incident response, investigations, and root cause analysis
  • Effective communicator with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences
  • Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment
  • Experience mentoring engineers and setting operational standards
Job Responsibility
  • Implement and enhance security controls by leading the deployment, integration, and tuning of solutions such as CNAPP, SIEM, CASB, EDR, DLP, and MDM to maximize effectiveness
  • Support security design decisions by providing subject matter expertise on cloud and SaaS security best practices while influencing architecture led by the Security Architect role
  • Lead incident response and investigations by guiding containment, remediation, root cause analysis, and post-incident improvements
  • Strengthen application security by overseeing secure development practices and managing SAST, SCA, and DAST tooling
  • Advance identity and access management by supporting IAM policy enforcement, SSO, MFA, SCIM, RBAC, and user lifecycle governance
  • Secure AI systems and integrations by assessing and protecting embedded APIs and organizational AI tool usage to ensure resilience, privacy, and compliance
  • Collaborate cross-functionally by working with Engineering, IT, and GRC teams to embed security into systems and workflows
  • Mentor and influence by providing technical guidance, reviewing work, and promoting security-first thinking across the organization
  • Stay ahead of threats and regulations by tracking emerging risks, technologies, and compliance requirements to inform forward-looking strategies
  • Participate in and help improve the on-call rotation by providing guidance, escalation support, and driving improvements in response processes
What we offer
  • competitive base salaries
  • meaningful equity
  • generous equity package
  • Fulltime

Sr. Cybersecurity Engineer – SIEM & SOAR

Location: United States, Austin
Salary: Not provided
Company: Dutech Systems (dutechsystems.com)
Expiration Date: Until further notice

Requirements
  • Graduation from an accredited four-year college or university with major coursework in computer science, computer information systems, software engineering, cybersecurity, or a related field
  • Two (2) years of full-time experience in software development, cloud engineering, SIEM engineering, or cybersecurity engineering
  • Knowledge of Microsoft Sentinel architecture, SOAR, and UEBA capabilities
  • Knowledge of Azure cloud services, Logic Apps, Azure Functions, Event Hubs, Key Vault, and Azure AD
  • Knowledge of security operations processes (triage, threat detection, incident response, threat modeling)
  • Knowledge of MITRE ATT&CK, NIST CSF, Zero Trust Architecture concepts
  • Knowledge of programming and scripting languages (Python, PowerShell, KQL, C#, JavaScript, or equivalent)
  • Knowledge of CI/CD pipelines, DevOps practices, and Git-based version control
  • Knowledge of API integrations and JSON/YAML structures
  • Skills in building Logic App workflows and custom Sentinel automation playbooks

Application Security Engineer

Our Application Security Engineers play a pivotal role in safeguarding our platf...
Location: United States
Salary: 170000.00 - 210000.00 USD / Year
Company: OnePay (onepay.com)
Expiration Date: Until further notice

Requirements
  • 8–12 years’ experience in application security engineering, DevSecOps, or security platform engineering
  • Deep familiarity with CVSS, MITRE ATT&CK frameworks, OWASP Top 10 and CWE taxonomy
  • Proven experience with AWS core services: IAM, KMS, VPC, EC2, RDS, EKS
  • Hands-on expertise in securing IaC and CI/CD pipelines
  • Strong knowledge of policy-as-code tooling
  • Container security experience: Docker, Kubernetes, EKS-related threat surfaces
  • Solid threat modeling and secure code review skills
  • SAST/SCA tool proficiency
  • Experience scripting automation (e.g. Python, Bash, PowerShell) to streamline AppSec tasks
  • Capability to lead in-house AppSec frameworks or tooling development
Job Responsibility
  • Architect and implement secure AWS configurations (IAM roles/policies, encryption keys, VPC segmentation)
  • Embed security into CI/CD pipelines and repos using policy-as-code tools (pre-commit hooks, SAST/SCA, IDE tool integrations)
  • Secure container and orchestration environments (EKS, Kubernetes, Docker) per best practices
  • Conduct threat modeling sessions and risk‑driven design reviews early in development
  • Perform secure code reviews and static/dynamic analysis
  • Oversee remediation with dev teams
  • Automate repetitive security tasks—vulnerability triage, code scanning, tool orchestration
  • Build and extend in-house AppSec automation frameworks or pentest tooling
  • Partner with security architecture and detection teams (SIEM tuning, logging, telemetry alignment)
  • Develop and enforce AppSec standards and patterns across product teams
What we offer
  • Competitive base salary, stock options, and health benefits from Day 1
  • 401(k) plan with company match
  • Remote-friendly (US), flexible time off (FTO), and opportunities for growth
  • A high-growth, mission-driven, inclusive culture where your work has real impact
  • Fulltime

Cyber Threat Detection Engineer

Rearc is looking for a Cybersecurity Threat Detection Engineer with proactive co...
Location: United States
Salary: Not provided
Company: Rearc (rearc.io)
Expiration Date: Until further notice

Requirements
  • 6+ years of experience in Cybersecurity with a focus on: log streaming; cybersecurity data lakes and data warehousing; SOAR engineering; SIEM engineering, administration, architecture, and operations; data science, statistical analysis, and threat detection development; and integrating disparate IT, OT, and business applications into SIEM systems
  • Bachelor's degree in Management Information Systems, Computer Science, or a related field
  • A strong passion for Cybersecurity and a commitment to staying current with industry trends, best practices, and tools
  • Proven experience in documenting, socializing, and operationalizing Cybersecurity technologies and processes
  • Prior programming experience in Python, SQL, and Apache Spark
Job Responsibility
  • Utilize NDR, EDR, real-time streaming, and SIEM technologies to develop robust threat detection capabilities
  • Build and optimize detection rules leveraging real-time data streaming to enhance detection accuracy
  • Design enrichment pipelines and automation workflows to enhance the precision of threat detections
  • Develop correlation logic and automated processes to create high-fidelity threat alerts
  • Build compliance and recoverability of customer Data Analytics solutions, including SOPs, data onboarding, normalization, enrichment, and system maintenance
  • Create automation playbooks for incident triage and response
  • Align detection content with customer-specific Use Case Frameworks and provide metrics on cybersecurity threats impacting their environment
  • Collaborate with customer cybersecurity teams to cover gaps and enhance enterprise posture
  • Support enterprise Cybersecurity, Information Technology (IT), and Operational Technology (OT) teams by providing dashboards and other data exploration tools
  • Stay continually aware of emerging cybersecurity threats and trends, adapting detection strategies as needed