Logo-of-Staples-India-Business-Innovation-Hub-hiring-for-jobs-in-India-on-GrabJobs

Lead Security Engineer (SIEM)

Job Description - Lead Security Engineer (SIEM)

Duties & Responsibilities

  • Architect and optimize SIEM platforms (e.g., Microsoft Sentinel, Splunk), including ingestion pipelines, parsing/normalization, enrichment, and correlation logic. 
  • Engineer and operate Cribl Stream and Cribl Edge for log routing, filtering, transformation, enrichment, data reduction, and destination fanout (SIEM, data lake, cold storage). 
  • Design and maintain telemetry onboarding with schema mapping, collectors/agents, connectors, API integrations, replay, and edge collection for diverse sources (endpoint, network, cloud, identity, app). 
  • Develop advanced detections and analytics (rules, queries, correlations) aligned to MITRE ATT&CK, emerging TTPs, and threat intelligence; measure detection efficacy and coverage. 
  • Lead systematic alert tuning to reduce false positives and improve signaltonoise, leveraging Cribl pipelines and SIEM analytics to standardize high -fidelity events. 
  • Build investigation assets (dashboards, hunting queries, data models) that accelerate SOC workflows and rootcause analysis across telemetry domains. 
  • Monitor ingestion health and cost (EPS/GB/day, license utilization), implement Criblbased data controls (sampling, routing, suppression) to ensure reliability and budget adherence. 
  • Perform RCA on detection gaps and pipeline failures; implement durable fixes in Cribl routes/pipelines and SIEM parsing/enrichment layers. 
  • Mentor engineers and analysts on KQL/SPL, detection engineering patterns, Cribl pipeline design, and telemetry best practices; conduct peer reviews and standards governance. 
  • Maintain documentation: data dictionaries, detection catalogs, Cribl pipeline/runbooks, ingestion maps, and metrics reporting on coverage, fidelity, MTTR, and pipeline SLOs.


Requirements

Basic Qualifications
  • Solid understanding of network protocols, data protection mechanisms, and threat landscapes
  • Hands -on experience with security systems, including firewalls, intrusion detection systems, anti -virus software, etc.

Preferred Qualifications
  • Industry -recognized certifications (e.g., CISSP, CISM, CEH)
  • Master’s degree in Cybersecurity or a related field


Original job Lead Security Engineer (SIEM) posted on GrabJobs ©. To flag any issues with this job please use the Report Job button on GrabJobs.
Share Job
Share Job

Similar Lead Security Engineer Jobs in India

GrabJobs is the no1 job portal in India, connecting you to thousands of jobs fast! Find the best jobs in India, apply in 1 click and get a job today!

Mobile Apps

Copyright © 2026 Grabjobs Pte.Ltd. All Rights Reserved.