
SIEM Onboarding Engineer

India, Pune · Job Posted June 15, 2026

Job Description

We are seeking an experienced SIEM Engineer to support the onboarding and integration of security log sources into the Google SecOps platform for EU markets. The individual will play a key role in ensuring high-quality telemetry is available to support threat detection, investigation, compliance, and operational monitoring. This role combines hands-on engineering delivery with collaboration across cyber security teams and stakeholders, contributing to reliable and scalable data ingestion pipelines and governance standards.

Job Responsibility

  • Onboard, transform, validate and deliver telemetry, logs and event sources into Google SecOps using scalable and reusable ingestion patterns
  • Configure, troubleshoot and optimise data ingestion pipelines to ensure reliability, consistency and performance
  • Implement and maintain data lineage, ownership tagging and metadata standards to support governance and regulatory requirements
  • Diagnose and resolve data ingestion, parsing and data quality issues through structured troubleshooting approaches
  • Collaborate with EU market cyber teams, engineering, and operations stakeholders to gather onboarding requirements and address constraints
  • Validate end-to-end event flows to ensure completeness, accuracy and timeliness of telemetry
  • Contribute to documentation, standardisation and continuous improvement of ingestion practices and processes

Requirements

  • Hands-on experience working with Google SecOps or similar SIEM platforms
  • Strong understanding of diverse security log sources, including firewall, proxy, EDR, IAM, operating systems, cloud audit, applications and network telemetry
  • Experience with log parsing, normalisation and schema mapping
  • Familiarity with ingestion methods such as syslog, APIs, agents, collectors, event hubs and forwarders
  • Scripting and automation skills in Python, PowerShell, Bash or similar languages
  • Proven ability to troubleshoot ingestion pipelines and validate end-to-end data flows
  • Strong collaboration and stakeholder engagement skills, with the ability to work across multidisciplinary teams
  • Working knowledge of cloud platforms (e.g., GCP), data tools (e.g., Elastic Stack) or visualisation tools (e.g., Kibana) is advantageous
  • Exposure to DevSecOps or ITOps environments supporting security data platforms is beneficial

What we offer

  • Opportunity to work on large-scale, multi-market cyber security initiatives within Vodafone
  • Exposure to advanced SIEM and cloud security technologies, including Google SecOps
  • A collaborative environment with cross-functional teams across engineering, operations and cyber security
  • The ability to shape and improve security telemetry, contributing directly to threat detection and regulatory compliance
  • Continuous learning through hands-on problem-solving, automation and modern data ingestion practices

Similar Jobs for SIEM Onboarding Engineer (8 matching positions)

Cyber Onboarding Engineer

Join Vodafone Business Security Enhanced and strengthen the cyber security of th...
Location: United Kingdom, Farnborough
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • Experience of SIEM content creation in a SOC environment
  • Ability to interpret logs and events and identify patterns of behaviour, indications of compromise
  • Knowledge of MITRE ATT&CK and other cyber frameworks
  • IT and Network Security – Windows, Linux, Firewalls, IPS, Security Appliances
  • Experience of programming or scripting (e.g. Python, C, Java, Bash)
  • Educated to degree level or equivalent experience
  • Must be able to maintain DV security clearance
Job Responsibility
  • Enhance detection content for our SOC Team
  • Ensure feeds into the SIEM are iteratively enhanced
  • Write custom IDS/IPS rules to improve detection capabilities
  • Assist with Vulnerability Scanning activities
  • Produce/Enhance/Refine Monthly Reports for internal and external audiences
  • Configure/Tune SIEM content, Managed Firewalls and IPS systems
  • Monitor Threat Intelligence – internal, open source and commercial feeds
  • Interact with other Cyber Defence, Security and Incident Response teams, within Vodafone, with customers and suppliers
What we offer
  • Great pay
  • Bonuses
  • Up to 28 days off plus bank holidays
  • Paid time for charity work
  • Discounts
  • Vouchers
  • Pension plan
  • Amazing learning tools
  • Top-notch parental leave policies
Employment type: Full-time

Senior SIEM Detection Engineer

We are seeking an experienced Senior SIEM Detection Engineer to design, implemen...
Location: United States, Austin
Salary: Not provided
Company: Dutech Systems
Expiration Date: Until further notice
Requirements
  • 8+ years of experience in SIEM, cybersecurity, or detection engineering
  • Strong expertise in SIEM detection engineering and alert optimization
  • Experience with log source integration and data normalization
  • Hands-on experience with CrowdStrike SIEM and dashboard development
  • Proven ability in documentation, reporting, and knowledge transfer
  • Strong experience in stakeholder engagement and executive communication
Job Responsibility
  • Design and develop SIEM detection rules and alerting mechanisms
  • Optimize alerts to reduce false positives and improve detection accuracy
  • Integrate and onboard log sources across enterprise systems
  • Perform data normalization and parsing to ensure consistent log analysis
  • Build and maintain dashboards and reports for security monitoring and executive visibility
  • Work hands-on with CrowdStrike SIEM for detection and dashboard development
  • Collaborate with security and IT teams to enhance threat detection capabilities
  • Document processes, detection logic, and operational procedures
  • Communicate findings and insights to technical teams and executive stakeholders
  • Support continuous improvement of SIEM performance and security monitoring strategies

Security Architect

Opportunity to join a premier enterprise Architecture & Delivery team to steer c...
Location: Australia, Melbourne
Salary: 900.00 - 1100.00 AUD / Day
Company: Randstad
Expiration Date: July 03, 2026
Requirements
  • 8+ years of professional experience in IT solution design, build, or delivery, with 5+ years dedicated to IT Security, IAM, IGA, PAM, and cloud security environments
  • Expert hands-on experience with Entra ID (including Conditional Access Policies, Connect, B2B/B2C, ZTNA, Graph API) and Okta SSO (SAML, OIDC, OAuth)
  • Strong architectural knowledge of IGA platforms (SailPoint, One Identity, or Saviynt) and PAM architectures (CyberArk or Beyond Trust)
  • Proven understanding of identity-specific threat modelling, DevSecOps mindsets, and frameworks such as MITRE ATT&CK and NIST AI RMF across hybrid cloud structures (VMware, AWS, Azure, GCP)
  • Tertiary qualification in IT, Engineering, or a related field, combined with an industry standard certification such as CISSP
  • 8+ years of professional experience in IT solution delivery or design, with 5+ years focused on SIEM, SOAR, Vulnerability Management, and Continuous Threat & Exposure Management (CTEM)
  • Direct experience architecting and implementing solutions using Microsoft Unified SecOps Platforms, Microsoft Sentinel, Microsoft Defender XDR, and Splunk ES/SOAR
  • Technically proficient in securing hybrid cloud environments using native and third-party CASB, M365 E5 Security Services, Intune MDM, and Cloud Workload Protection platforms
  • Comprehensive knowledge of security and architecture frameworks including TOGAF, SABSA, MITRE Atlas, NIST RMF, ISO 27001, ISM, and ASD Essential 8
  • Tertiary qualification in IT, Computing, or Engineering, with highly regarded certifications such as CISSP, AWS Security Specialty, Microsoft AZ-500, or Microsoft SC-100
Job Responsibility
  • Architect and implement modern identity and access management (IAM) models leveraging Entra ID, Ping Identity, and auxiliary technologies
  • Deliver secure solution architecture artefacts (such as SAR, SOAP, and NFRs) tailored for identity portfolio epics
  • Design and enforce robust network validation and enterprise authentication policies, including SSO, MFA, Conditional Access, and Passwordless Authentication
  • Lead enterprise migrations involving legacy infrastructure upgrades, Exchange transitions, and broad application onboarding to Entra ID
  • Govern and design solutions for Privileged Identity Management (PIM) and Privileged Access Management (PAM) to secure elevated credentials
  • Automate identity lifecycle processes (Joiner-Mover-Leaver) and configure rigid RBAC models and compliance access reviews
  • Define the secure implementation strategy and construct security controls aligned with Microsoft Azure and M365 E5 Security Services
  • Architect and implement SecOps solutions using Microsoft Defender, Microsoft Sentinel, Unified SecOps Platform, Microsoft Security Copilot, and Splunk ES/SOAR
  • Deliver end-to-end solution architectures and architecture documentation for assigned SecOps portfolio epics
  • Integrate and optimize Azure Sentinel to advance threat detection capabilities, incident response mechanisms, and AI security defense analytics

CAIP (Conditional Access & Identity Protection) Specialist - VOIS

We are seeking a skilled CAIP (Conditional Access & Identity Protection) Special...
Location: India, Pune
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • Approximately 3-6 years of relevant experience in identity and access management
  • Proficient in Microsoft security technologies including Azure AD, Conditional Access, MDCA, MDI, and Identity Protection
  • Knowledgeable in authentication protocols, passwordless strategies, and multi-factor authentication (MFA)
  • Familiar with SIEM tools and integration processes (e.g., ArcSight, Sentinel, or similar platforms)
  • Experienced in handling operational dashboards, compliance reporting, and security documentation
  • A collaborative team contributor with strong analytical thinking and problem-solving abilities
  • Holds a degree in Computer Science, Information Security, or a related discipline
  • Ideally certified in Microsoft Security (e.g., AZ-500, SC-200, SC-300) with an understanding of Zero Trust principles
Job Responsibility
  • Operate and maintain Conditional Access policies and Microsoft security solutions, including Microsoft Defender for Cloud Apps (MDCA), Azure AD Identity Protection (AAIP), and Microsoft Defender for Identity (MDI)
  • Monitor, analyse, and respond to identity-related security incidents such as risky sign-ins, MFA challenges, and session anomalies
  • Manage business-as-usual operations including ticket resolution, SLA adherence, change requests, and incident escalations
  • Work collaboratively with engineering teams to onboard new security policies, integrate SIEM tools, and support automation initiatives
  • Participate in governance reviews, compliance audits, and organisational risk assessments
  • Contribute to continuous improvement through upskilling, knowledge sharing, and process enhancements within the CAIP domain
  • Support the onboarding and monitoring of threat detection policies, including risk-based access controls and privileged identity management activities
What we offer
  • Opportunity to work with advanced Microsoft Cloud Security technologies in a globally recognised organisation
  • Exposure to large-scale enterprise security environments and complex identity protection challenges
  • A collaborative environment that supports continuous learning, innovation, and career progression
  • Involvement in impactful cybersecurity initiatives that directly strengthen organisational resilience
  • Access to cross-functional projects and opportunities to expand knowledge across cloud security domains

Sr. Network Security Engineer

Sr. Network Security Engineer – Direct Hire/Local Field Support 4755 CHI Health...
Location: United States, Chicago
Salary: 110000.00 - 150000.00 USD / Year
Company: Tier4 Group
Expiration Date: Until further notice
Requirements
  • 7+ years of senior-level network + security engineering experience
  • Strong multi-vendor background – Cisco, Meraki, Palo Alto, Fortinet, SonicWall, Ubiquiti, Ruckus, etc.
  • Deep knowledge of routing & switching, VLAN segmentation & VRFs, QoS, DNS, NAT, 802.1X, RADIUS, EAP-TLS, IDS/IPS, DNS filtering, gateway security layers
  • Experience with Auvik or similar monitoring and packet capture tools
  • Ability to operate effectively in environments with limited physical control
  • Broad familiarity with adjacent IT domains (Windows servers, infrastructure, general enterprise systems)
  • Outstanding communication skills
  • Highly self-managed — able to operate remotely with limited oversight
Job Responsibility
  • Architect, deploy, and support LAN/WAN and wireless networks across multi-site healthcare environments (Ubiquiti, Meraki, Cambium, Aruba, Cisco, Ruckus)
  • Configure and maintain next-gen firewalls (Palo Alto, Fortinet, SonicWall, Meraki) across diverse environments
  • Lead Zero Trust initiatives, including ZTNA, Network Access Control (NAC), micro-segmentation, VPN reduction and identity-based access strategies
  • Serve as Tier 3 escalation (approx. 70% of workload)
  • Diagnose and resolve high-impact issues including spanning tree loops, routing anomalies, physical mispatch events, rogue devices, and wireless instability
  • Perform deep traffic analysis, packet captures, and threat analytics using NetFlow, Auvik, and firewall telemetry
  • Execute projects ranging from small firewall upgrades to large-scale deployments
  • Support technology refreshes across newly onboarded communities
  • Represent the Network Engineering function in high-visibility meetings
  • Interface with IT Directors, CIOs, CTOs, and virtual IT leaders
Employment type: Full-time

SIEM/SOC Leader

Our team is looking for a motivated and experienced SIEM/SOC Leader (Security in...
Location: Greece, Athens
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • Bachelor's degree in Engineering or Computer Science, or equivalent.
  • Minimum 8 years of experience in the field.
  • Strong hands-on experience with SIEM platforms (engineering, operations, and use-case development).
  • Solid understanding of log management, including ingestion, parsing, normalization, and correlation.
  • Experience with common log sources (OS, network, IAM, endpoint, cloud, and application logs).
  • Knowledge of detection engineering, SOC operations, and incident triage processes.
  • Familiarity with threat intelligence and enrichment techniques.
  • Experience with scripting and automation (e.g., Python) and API integrations.
  • Working knowledge of query languages such as KQL, SPL, or SQL-like languages.
  • Understanding of ITIL-based service management (incident, problem, change processes).
Job Responsibility
  • Own and manage the end-to-end SIEM service, including onboarding of log sources, detection use cases, and continuous improvements.
  • Define and maintain the SIEM operating model, backlog, priorities, and delivery roadmap.
  • Ensure SIEM platform health (log ingestion, parsing, normalization, storage, performance, retention, and capacity).
  • Manage integrations (log collectors, APIs, cloud connectors) and oversee upgrades and maintenance.
  • Develop and maintain detection rules, correlation logic, dashboards, and analytics.
  • Govern the full detection lifecycle (design, build, test, deploy, tune, retire).
  • Improve detection quality by reducing false positives and enhancing alert accuracy.
  • Integrate and operationalize threat intelligence (IoCs, TTPs) and enrich detections with contextual data.
  • Ensure alerts are actionable, with clear triage guidance, severity levels, and response playbooks.
  • Collaborate with SOC and Incident Response teams on incident handling, escalations, and post-incident improvements.
What we offer
  • Health insurance for the employee and one dependent family member (100% paid by NTT DATA)
  • Meal vouchers of 120€ per month (x12)
  • Corporate mobile phone: subscription & device
  • Teleworking equipment allowance
  • Udemy Account
  • Access to Open Up mental health service
  • 28 days of paid annual leave consisting of your legal holidays and compensation days
Employment type: Full-time

Splunk Development & Administration Cyber Security Analyst

The ideal candidate will work primarily on Splunk Administration (L2 Support) ho...
Location: India, Chennai
Salary: Not provided
Company: Sopra Steria
Expiration Date: Until further notice
Requirements
  • Implement and manage Splunk applications and add-ons version upgrades and lifecycle management
  • Perform data onboarding, parsing, normalization, and STIX-based input/output integration for security and compliance use cases
  • Design, develop, optimize, and troubleshoot Splunk dashboards, searches, alerts, and reports
  • Manage and optimize Splunk configurations including inputs.conf, props.conf, transforms.conf, and other deployment configurations
  • Monitor and maintain Splunk infrastructure components such as Indexers, Search Heads, Forwarders, and Cluster environments
  • Investigate incidents, perform root cause analysis (RCA), resolve operational issues independently
  • Execute controlled deployments of Splunk apps, add-ons, knowledge objects, and configuration changes across environments
  • Collaborate with application teams, data owners, and analysts for onboarding, validation, troubleshooting, and optimization of log sources
  • Configure and support integrations with enterprise platforms including ServiceNow, AWS, Azure, GCP, DB Connect, ITSI, Akamai, and Okta Identity
  • Handle user provisioning, RBAC access management, and security governance within Splunk environments
Job Responsibility
  • Implement and manage Splunk applications and add-ons version upgrades and lifecycle management
  • Perform data onboarding, parsing, normalization, and STIX-based input/output integration
  • Design, develop, optimize, and troubleshoot Splunk dashboards, searches, alerts, and reports
  • Manage and optimize Splunk configurations
  • Monitor and maintain Splunk infrastructure components
  • Investigate incidents, perform root cause analysis (RCA), resolve operational issues
  • Execute controlled deployments of Splunk apps, add-ons, knowledge objects
  • Collaborate with application teams, data owners, and analysts
  • Configure and support integrations with enterprise platforms
  • Handle user provisioning, RBAC access management, and security governance
What we offer
  • Inclusive and respectful work environment
  • All positions are open to people with disabilities
Employment type: Full-time

Senior IT Workstation Engineer

Full-time - Paris - Hybrid remote work (4 days a week / 1 remote day per week). ...
Location: France, Paris
Salary: 55000.00 - 63000.00 EUR / Year
Company: Assessfirst
Expiration Date: Until further notice
Requirements
  • Technical aptitude
  • Communication skills
  • Creativity and innovation
  • Mechanical skills
  • Google Meet
  • Proven experience managing Apple environments
  • Strong MDM platform expertise (Kandji or JAMF)
  • Okta platform management
  • Solid understanding of SaaS administration (Google Workspace, Slack, Okta)
  • Strong interest in artificial intelligence and emerging technologies
Job Responsibility
  • Apple Ecosystem Management (management of Apple France fleet, advanced administration of Kandji MDM, management and operational maintenance of DNS Proxy, update campaigns and security policy deployment, hardware inventory management)
  • Support & Operations (Level 2 support, IT onboarding of new employees, IT offboarding and equipment return, daily equipment provisioning, user training)
  • Infrastructure & Offices (meeting room management and audiovisual equipment, coordination with Office Management Team, building access control supervision, relations with network and infrastructure providers)
  • Projects & Evolution (drive AI transformation, develop and deploy automations, ensure security through SIEM monitoring, participate in IT stack modernization initiatives)
What we offer
  • Salary range €55K - €63K
  • 4-day work week after your first month
  • 5 weeks of paid vacation
  • Flexible remote work
  • 75% of Navigo Pass or 20€ monthly sustainable allowance
  • Alan health insurance – 66% covered for you and your children, 40% for your partner
  • Meal vouchers - Swile Card – €9 per working day, 50% funded by Welcome
Employment type: Full-time