SIEM Security Engineer

Summary

Join ALTER SOLUTIONS, a global cybersecurity consulting firm, as a SIEM Security Engineer/Architect. You will play a crucial role in designing, implementing, and maintaining security monitoring solutions using the Elastic Stack. Responsibilities include designing and deploying SIEM solutions, managing log processes, using automation tools, collaborating with various teams, participating in audits, and creating technical documentation. This position requires extensive IT and cybersecurity experience, specifically with the Elastic Stack and automation tools. A CISA certification is strongly preferred. ALTER SOLUTIONS offers a flexible work environment with remote work options, expert communities, and annual training opportunities.

Requirements

• Minimum 10 years of IT experience, including at least 5 years in cybersecurity with proven SIEM expertise
• In-depth experience in the architecture, deployment, and operation of Elastic Stack (Logstash, Elasticsearch, Kibana)
• Strong knowledge of log ingestion, normalization, and processing pipelines
• Hands-on experience with automation tools such as Ansible and scripting (Python or equivalent)
• Demonstrated ability to work with internal and external auditors and regulatory bodies, and to produce clear compliance-related documentation
• Solid understanding of security monitoring compliance requirements
• Fluency in English is mandatory (written and spoken)

Responsibilities

• Designing, deploying, documenting, and improving SIEM solutions
• Maintaining stability and ensuring long-term operability of the SIEM environment
• Developing and managing log collection, normalization, and correlation processes
• Using automation tools (Ansible, Python scripting, etc.) to streamline deployment and operations
• Collaborating with infrastructure, security, and architecture teams to ensure seamless integration of monitoring capabilities
• Participating in internal and external audits
• Interfacing with internal/external auditors and regulators, providing clear, well-documented technical responses regarding monitoring, logging, and control measures in place
• Writing and maintaining technical documentation (architecture, procedures, standards)
• Contributing to continuous improvement initiatives in operational security

Preferred Qualifications

• CISA (Certified Information Systems Auditor) certification
• Strong analytical skills, attention to detail, and ability to communicate clearly and effectively

Benefits

• Remote work available for a majority of our projects
• A Flex Office work environment available to everyone at all times to promote communication and collaboration
• Expert communities to share and disseminate skills within the group
• Close project management and HR support
• Annual training and certification opportunities
• Recognition of our consultants' expertise development
• Strong openness to short-term or long-term international mobility