SIEM Onboarding Engineer

India, Bangalore · Job Posted June 10, 2026

Job Description

We are seeking an experienced SIEM Engineer to support the onboarding and integration of security log sources into the Google SecOps platform for EU markets. The individual will play a key role in ensuring high-quality telemetry is available to support threat detection, investigation, compliance, and operational monitoring. This role combines hands-on engineering delivery with collaboration across cyber security teams and stakeholders, contributing to reliable and scalable data ingestion pipelines and governance standards.

Job Responsibility

  • Onboard, transform, validate and deliver telemetry, logs and event sources into Google SecOps using scalable and reusable ingestion patterns
  • Configure, troubleshoot and optimise data ingestion pipelines to ensure reliability, consistency and performance
  • Implement and maintain data lineage, ownership tagging and metadata standards to support governance and regulatory requirements
  • Diagnose and resolve data ingestion, parsing and data quality issues through structured troubleshooting approaches
  • Collaborate with EU market cyber teams, engineering, and operations stakeholders to gather onboarding requirements and address constraints
  • Validate end-to-end event flows to ensure completeness, accuracy and timeliness of telemetry
  • Contribute to documentation, standardisation and continuous improvement of ingestion practices and processes

Requirements

  • Hands-on experience working with Google SecOps or similar SIEM platforms
  • Strong understanding of diverse security log sources, including firewall, proxy, EDR, IAM, operating systems, cloud audit, applications and network telemetry
  • Experience with log parsing, normalisation and schema mapping
  • Familiarity with ingestion methods such as syslog, APIs, agents, collectors, event hubs and forwarders
  • Scripting and automation skills in Python, PowerShell, Bash or similar languages
  • Proven ability to troubleshoot ingestion pipelines and validate end-to-end data flows
  • Strong collaboration and stakeholder engagement skills, with the ability to work across multidisciplinary teams

Nice to have

  • Working knowledge of cloud platforms (e.g., GCP), data tools (e.g., Elastic Stack) or visualisation tools (e.g., Kibana)
  • Exposure to DevSecOps or ITOps environments supporting security data platforms

What we offer

  • Opportunity to work on large-scale, multi-market cyber security initiatives within Vodafone
  • Exposure to advanced SIEM and cloud security technologies, including Google SecOps
  • A collaborative environment with cross-functional teams across engineering, operations and cyber security
  • The ability to shape and improve security telemetry, contributing directly to threat detection and regulatory compliance
  • Continuous learning through hands-on problem-solving, automation and modern data ingestion practices

Similar Jobs for SIEM Onboarding Engineer

8 matching positions

SIEM Onboarding Engineer

We are seeking an experienced SIEM Engineer to support the onboarding and integr...
Location: India, Pune
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • Hands-on experience working with Google SecOps or similar SIEM platforms
  • Strong understanding of diverse security log sources, including firewall, proxy, EDR, IAM, operating systems, cloud audit, applications and network telemetry
  • Experience with log parsing, normalisation and schema mapping
  • Familiarity with ingestion methods such as syslog, APIs, agents, collectors, event hubs and forwarders
  • Scripting and automation skills in Python, PowerShell, Bash or similar languages
  • Proven ability to troubleshoot ingestion pipelines and validate end-to-end data flows
  • Strong collaboration and stakeholder engagement skills, with the ability to work across multidisciplinary teams
  • Working knowledge of cloud platforms (e.g., GCP), data tools (e.g., Elastic Stack) or visualisation tools (e.g., Kibana) is advantageous
  • Exposure to DevSecOps or ITOps environments supporting security data platforms is beneficial
Job Responsibility
  • Onboard, transform, validate and deliver telemetry, logs and event sources into Google SecOps using scalable and reusable ingestion patterns
  • Configure, troubleshoot and optimise data ingestion pipelines to ensure reliability, consistency and performance
  • Implement and maintain data lineage, ownership tagging and metadata standards to support governance and regulatory requirements
  • Diagnose and resolve data ingestion, parsing and data quality issues through structured troubleshooting approaches
  • Collaborate with EU market cyber teams, engineering, and operations stakeholders to gather onboarding requirements and address constraints
  • Validate end-to-end event flows to ensure completeness, accuracy and timeliness of telemetry
  • Contribute to documentation, standardisation and continuous improvement of ingestion practices and processes
What we offer
  • Opportunity to work on large-scale, multi-market cyber security initiatives within Vodafone
  • Exposure to advanced SIEM and cloud security technologies, including Google SecOps
  • A collaborative environment with cross-functional teams across engineering, operations and cyber security
  • The ability to shape and improve security telemetry, contributing directly to threat detection and regulatory compliance
  • Continuous learning through hands-on problem-solving, automation and modern data ingestion practices
Employment type: Full-time

Cyber Onboarding Engineer

Join Vodafone Business Security Enhanced and strengthen the cyber security of th...
Location: United Kingdom, Farnborough
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • Experience of SIEM content creation in a SOC environment
  • Ability to interpret logs and events and identify patterns of behaviour, indications of compromise
  • Knowledge of MITRE ATT&CK and other cyber frameworks
  • IT and Network Security – Windows, Linux, Firewalls, IPS, Security Appliances
  • Experience of programming or scripting (e.g. Python, C, Java, Bash)
  • Educated to degree level or equivalent experience
  • Must be able to maintain DV security clearance
Job Responsibility
  • Enhance detection content for our SOC Team
  • Ensure feeds into the SIEM are iteratively enhanced
  • Write custom IDS/IPS rules to improve detection capabilities
  • Assist with Vulnerability Scanning activities
  • Produce/Enhance/Refine Monthly Reports for internal and external audiences
  • Configure/Tune SIEM content, Managed Firewalls and IPS systems
  • Monitor Threat Intelligence – internal, open source and commercial feeds
  • Interact with other Cyber Defence, Security and Incident Response teams, within Vodafone, with customers and suppliers
What we offer
  • Great pay
  • Bonuses
  • Up to 28 days off plus bank holidays
  • Paid time for charity work
  • Discounts
  • Vouchers
  • Pension plan
  • Amazing learning tools
  • Top-notch parental leave policies
Employment type: Full-time

Senior SIEM Detection Engineer

We are seeking an experienced Senior SIEM Detection Engineer to design, implemen...
Location: United States, Austin
Salary: Not provided
Company: Dutech Systems
Expiration Date: Until further notice
Requirements
  • 8+ years of experience in SIEM, cybersecurity, or detection engineering
  • Strong expertise in SIEM detection engineering and alert optimization
  • Experience with log source integration and data normalization
  • Hands-on experience with CrowdStrike SIEM and dashboard development
  • Proven ability in documentation, reporting, and knowledge transfer
  • Strong experience in stakeholder engagement and executive communication
Job Responsibility
  • Design and develop SIEM detection rules and alerting mechanisms
  • Optimize alerts to reduce false positives and improve detection accuracy
  • Integrate and onboard log sources across enterprise systems
  • Perform data normalization and parsing to ensure consistent log analysis
  • Build and maintain dashboards and reports for security monitoring and executive visibility
  • Work hands-on with CrowdStrike SIEM for detection and dashboard development
  • Collaborate with security and IT teams to enhance threat detection capabilities
  • Document processes, detection logic, and operational procedures
  • Communicate findings and insights to technical teams and executive stakeholders
  • Support continuous improvement of SIEM performance and security monitoring strategies

SaaS Security Engineer (SSPM)

The Opportunity: We are seeking a SaaS Security Posture Management (SSPM) Engine...
Location: United States, Phoenix
Salary: Not provided
Company: Technologent
Expiration Date: Until further notice
Requirements
  • 5+ years of experience in Security Engineering, Cloud Security, SaaS Security, or related cybersecurity disciplines
  • Hands-on experience implementing and managing one or more SaaS Security Posture Management (SSPM) solutions, including: AppOmni, Obsidian, Palo Alto SaaS Security solutions, Adaptive Shield, Wing Security, Valence, or similar SSPM technologies
  • Strong understanding of: SaaS Security Architecture, Identity & Access Management (IAM), Data Protection & Privacy Controls, API Security, Security Monitoring & Detection, SaaS Governance & Risk Management
  • Experience securing and assessing SaaS environments integrated with AWS, Azure, GCP, and/or OCI
  • Proficiency with: Python, PowerShell, REST APIs, Terraform, GitHub, Security Automation Frameworks
  • Experience integrating security tools and building automated workflows across enterprise environments
  • Strong analytical, troubleshooting, documentation, and communication skills
  • Ability to work effectively with technical and business stakeholders in complex enterprise environments
Job Responsibility
  • Lead the implementation, configuration, and administration of SaaS Security Posture Management (SSPM) platforms across enterprise environments
  • Continuously assess SaaS applications for security risks, configuration weaknesses, identity governance issues, excessive permissions, and data exposure concerns
  • Monitor and remediate SaaS configuration drift and security posture deviations across business-critical applications
  • Identify and evaluate risks associated with third-party integrations, connected applications, and SaaS ecosystems
  • Establish SaaS security baselines, governance controls, and remediation processes to improve overall security posture
  • Support SaaS onboarding, certification, and security review activities to ensure compliance with enterprise security requirements
  • Develop and maintain integrations between SSPM platforms, Identity and Access Management (IAM) solutions, SIEM platforms, governance tools, and ticketing systems
  • Build automation workflows using APIs, scripting, and Infrastructure-as-Code methodologies to improve operational efficiency and security visibility
  • Create dashboards, reports, and metrics to provide stakeholders with actionable insights into SaaS security posture and compliance status
  • Assess cloud-connected SaaS environments across AWS, Microsoft Azure, Google Cloud Platform (GCP), and Oracle Cloud Infrastructure (OCI)
Employment type: Full-time

Sr. Corporate Systems Security Engineer

Location: Canada, Vancouver
Salary: 142500.00 - 180750.00 CAD / Year
Company: Dialpad
Expiration Date: Until further notice
Requirements
  • 7+ years of technical work experience in an information security or security-focused IT role
  • Advocate for security best practices and principles
  • Expertise in security technologies, including Identity and Access Management (IAM), Endpoint Protection, Email Security, Patch Management, SIEM, etc.
  • Knowledge of SAML SSO, OIDC, and SCIM protocols
  • Experience with zero-trust access models and implementing solutions to support zero-trust within modern cloud companies
  • Experience deploying and administering corporate security and identity management platforms
  • Experience with macOS and Windows endpoint security and hardening
  • Okta administration and workflow automation are highly desired
  • Industry certifications such as CISSP, SSCP, or Security+
  • Passion for continuous learning and helping others
Job Responsibility
  • Deploy and manage tools to secure and monitor our corporate systems
  • Integrate applications into our access management system, such as Okta, for single sign-on and user provisioning
  • Automate key security and IT processes, including onboarding and offboarding
  • Recommend solutions to enhance the security posture of our corporate systems
  • Respond to security incidents and investigate their root causes
  • Proactively set up and monitor the security framework of corporate systems
  • Stay up to date on the latest security threats and trends
  • Automate onboarding, offboarding, and business processes using automation platforms/APIs
  • Participate in an on-call rotation for our security intake process
  • Build relationships with key stakeholders across IT, Security, Engineering, People Ops, Finance, and Business Operations
What we offer
  • Competitive salary
  • Comprehensive benefits
  • Real opportunities for growth
  • Cutting-edge AI tools
  • Robust training program
Employment type: Full-time

Security Architect

Opportunity to join a premier enterprise Architecture & Delivery team to steer c...
Location: Australia, Melbourne
Salary: 900.00 - 1100.00 AUD / Day
Company: Randstad
Expiration Date: July 03, 2026
Requirements
  • 8+ years of professional experience in IT solution design, build, or delivery, with 5+ years dedicated to IT Security, IAM, IGA, PAM, and cloud security environments
  • Expert hands-on experience with Entra ID (including Conditional Access Policies, Connect, B2B/B2C, ZTNA, Graph API) and Okta SSO (SAML, OIDC, OAuth)
  • Strong architectural knowledge of IGA platforms (SailPoint, One Identity, or Saviynt) and PAM architectures (CyberArk or BeyondTrust)
  • Proven understanding of identity-specific threat modelling, DevSecOps mindsets, and frameworks such as MITRE ATT&CK and NIST AI RMF across hybrid cloud structures (VMware, AWS, Azure, GCP)
  • Tertiary qualification in IT, Engineering, or a related field, combined with an industry standard certification such as CISSP
  • 8+ years of professional experience in IT solution delivery or design, with 5+ years focused on SIEM, SOAR, Vulnerability Management, and Continuous Threat & Exposure Management (CTEM)
  • Direct experience architecting and implementing solutions using Microsoft Unified SecOps Platforms, Microsoft Sentinel, Microsoft Defender XDR, and Splunk ES/SOAR
  • Technically proficient in securing hybrid cloud environments using native and third-party CASB, M365 E5 Security Services, Intune MDM, and Cloud Workload Protection platforms
  • Comprehensive knowledge of security and architecture frameworks including TOGAF, SABSA, MITRE ATLAS, NIST RMF, ISO 27001, ISM, and ASD Essential 8
  • Tertiary qualification in IT, Computing, or Engineering, with highly regarded certifications such as CISSP, AWS Security Specialty, Microsoft AZ-500, or Microsoft SC-100
Job Responsibility
  • Architect and implement modern identity and access management (IAM) models leveraging Entra ID, Ping Identity, and auxiliary technologies
  • Deliver secure solution architecture artefacts (such as SAR, SOAP, and NFRs) tailored for identity portfolio epics
  • Design and enforce robust network validation and enterprise authentication policies, including SSO, MFA, Conditional Access, and Passwordless Authentication
  • Lead enterprise migrations involving legacy infrastructure upgrades, Exchange transitions, and broad application onboarding to Entra ID
  • Govern and design solutions for Privileged Identity Management (PIM) and Privileged Access Management (PAM) to secure elevated credentials
  • Automate identity lifecycle processes (Joiner-Mover-Leaver) and configure rigid RBAC models and compliance access reviews
  • Define the secure implementation strategy and construct security controls aligned with Microsoft Azure and M365 E5 Security Services
  • Architect and implement SecOps solutions using Microsoft Defender, Microsoft Sentinel, Unified SecOps Platform, Microsoft Security Copilot, and Splunk ES/SOAR
  • Deliver end-to-end solution architectures and architecture documentation for assigned SecOps portfolio epics
  • Integrate and optimize Azure Sentinel to advance threat detection capabilities, incident response mechanisms, and AI security defense analytics

CAIP (Conditional Access & Identity Protection) Specialist - VOIS

We are seeking a skilled CAIP (Conditional Access & Identity Protection) Special...
Location: India, Pune
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • Approximately 3-6 years of relevant experience in identity and access management
  • Proficient in Microsoft security technologies including Azure AD, Conditional Access, MDCA, MDI, and Identity Protection
  • Knowledgeable in authentication protocols, passwordless strategies, and multi-factor authentication (MFA)
  • Familiar with SIEM tools and integration processes (e.g., ArcSight, Sentinel, or similar platforms)
  • Experienced in handling operational dashboards, compliance reporting, and security documentation
  • A collaborative team contributor with strong analytical thinking and problem-solving abilities
  • Holds a degree in Computer Science, Information Security, or a related discipline
  • Ideally certified in Microsoft Security (e.g., AZ-500, SC-200, SC-300) with an understanding of Zero Trust principles
Job Responsibility
  • Operate and maintain Conditional Access policies and Microsoft security solutions, including Microsoft Defender for Cloud Apps (MDCA), Azure AD Identity Protection (AAIP), and Microsoft Defender for Identity (MDI)
  • Monitor, analyse, and respond to identity-related security incidents such as risky sign-ins, MFA challenges, and session anomalies
  • Manage business-as-usual operations including ticket resolution, SLA adherence, change requests, and incident escalations
  • Work collaboratively with engineering teams to onboard new security policies, integrate SIEM tools, and support automation initiatives
  • Participate in governance reviews, compliance audits, and organisational risk assessments
  • Contribute to continuous improvement through upskilling, knowledge sharing, and process enhancements within the CAIP domain
  • Support the onboarding and monitoring of threat detection policies, including risk-based access controls and privileged identity management activities
What we offer
  • Opportunity to work with advanced Microsoft Cloud Security technologies in a globally recognised organisation
  • Exposure to large-scale enterprise security environments and complex identity protection challenges
  • A collaborative environment that supports continuous learning, innovation, and career progression
  • Involvement in impactful cybersecurity initiatives that directly strengthen organisational resilience
  • Access to cross-functional projects and opportunities to expand knowledge across cloud security domains

Sr. Network Security Engineer

Sr. Network Security Engineer – Direct Hire/Local Field Support 4755 CHI Health...
Location: United States, Chicago
Salary: 110000.00 - 150000.00 USD / Year
Company: Tier4 Group
Expiration Date: Until further notice
Requirements
  • 7+ years of senior-level network + security engineering experience
  • Strong multi‑vendor background — Cisco, Meraki, Palo Alto, Fortinet, SonicWall, Ubiquiti, Ruckus, etc.
  • Deep knowledge of routing & switching, VLAN segmentation & VRFs, QoS, DNS, NAT, 802.1X, RADIUS, EAP-TLS, IDS/IPS, DNS filtering, gateway security layers
  • Experience with Auvik or similar monitoring and packet capture tools
  • Ability to operate effectively in environments with limited physical control
  • Broad familiarity with adjacent IT domains (Windows servers, infrastructure, general enterprise systems)
  • Outstanding communication skills
  • Highly self-managed — able to operate remotely with limited oversight
Job Responsibility
  • Architect, deploy, and support LAN/WAN and wireless networks across multi‑site healthcare environments (Ubiquiti, Meraki, Cambium, Aruba, Cisco, Ruckus)
  • Configure and maintain next‑gen firewalls (Palo Alto, Fortinet, SonicWall, Meraki) across diverse environments
  • Lead Zero Trust initiatives, including ZTNA, Network Access Control (NAC), Micro‑segmentation, VPN reduction & identity‑based access strategies
  • Serve as Tier 3 escalation (approx. 70% of workload)
  • Diagnose and resolve high-impact issues including spanning tree loops, routing anomalies, physical mispatch events, rogue devices, and wireless instability
  • Perform deep traffic analysis, packet captures, and threat analytics using NetFlow, Auvik, and firewall telemetry
  • Execute projects ranging from small firewall upgrades to large-scale deployments
  • Support technology refreshes across newly onboarded communities
  • Represent the Network Engineering function in high-visibility meetings
  • Interface with IT Directors, CIOs, CTOs, and virtual IT leaders
Employment type: Full-time