
Resident Engineer L3 SIEM Admin

Company: Detasad
Job Type: Full Time


Job Description - Resident Engineer L3 SIEM Admin

JOB PURPOSE



To lead the administration, configuration, optimization, and advanced operations of the organization’s SIEM platforms, primarily Splunk SIEM, while also supporting environments that use other SIEM technologies such as QRadar and ArcSight. The role ensures effective log ingestion, attack detection, threat analysis, incident investigation support, and continuous improvement of SOC monitoring capabilities, including coordination across teams and support for SIEM platform transition or migration activities when required.



KEY RESPONSIBILITIES




  • Administer, configure, maintain, and optimize enterprise SIEM platforms in production environments.

  • Perform SIEM architecture tuning, performance optimization, and capacity management.

  • Configure and maintain correlation rules, alerts, dashboards, and detection policies to support advanced threat detection.

  • Lead onboarding, parsing, normalization, and ingestion of logs from infrastructure, applications, endpoints, network, and cloud services.

  • Perform advanced log and attack analysis to support threat detection and SOC investigations.

  • Act as escalation point for complex incidents requiring deep log and platform analysis.

  • Support incident response activities by providing log intelligence and assisting investigation and forensic activities when required.

  • Troubleshoot SIEM platform issues and support operational problem resolution.

  • Coordinate investigations and operational activities across SOC, Incident Response, Vulnerability Management, Infrastructure, and application teams.

  • Develop automation scripts and integrations using scripting languages to improve SOC operational efficiency.

  • Support SIEM platform transition or migration initiatives including data source onboarding, validation, and detection use case alignment.

  • Ensure SIEM platform availability, scalability, and storage efficiency.

  • Maintain technical documentation, operational procedures, and configuration standards.

  • Support audit, compliance, and regulatory monitoring requirements through log analysis and reporting.

MINIMUM QUALIFICATIONS, EXPERIENCE, SKILLS, AND COMPETENCIES



Qualifications




  • Bachelor’s degree in Cybersecurity, Computer Science, IT or related field.



Professional Certifications




  • Splunk Enterprise Certified Admin (Mandatory)

  • Splunk Enterprise Certified Architect

  • Splunk Enterprise Security Certified Admin

  • Splunk Cybersecurity Defense Analyst

  • CISSP, GCIH, GCIA, or equivalent GIAC certifications

  • GSEC or SOC-related certifications



Years of Experience




  • 5 to 7 years of experience in cybersecurity operations with at least 3+ years of hands-on experience administering Splunk SIEM platforms.



Nature of Experience




  • SOC operations and incident investigation experience

  • Enterprise SIEM operations in production environments

  • Coordination with infrastructure and security teams

  • Experience in regulated/compliance environments



Job Specific Skills




  • Log and attack analysis using Splunk, QRadar, or ArcSight

  • SIEM management and configuration for performance tuning and advanced threat detection

  • Troubleshooting, incident coordination, and collaboration with SOC teams

  • Threat analysis and incident response support using forensic investigation techniques

  • Scripting and programming knowledge (Python, Bash, PowerShell)

  • Log onboarding, parsing, and normalization

  • Correlation rule and detection use case development

  • Knowledge of threat detection frameworks such as MITRE ATT&CK

  • Experience handling network, endpoint, cloud, and application logs

  • Strong analytical and troubleshooting skills



Business Language Skills




  • English and/or Arabic language skills (written and spoken)




 



Original job Resident Engineer L3 SIEM Admin posted on GrabJobs.