SIEM/SOAR Engineer

Summary

Join DGR Systems as a skilled SIEM/SOAR Engineer to design, implement, and optimize security solutions for our clients. You will be responsible for developing and maintaining custom log sources, creating correlation rules, and managing automated response playbooks. The ideal candidate possesses in-depth knowledge of SIEM architecture, strong experience with SOAR platforms, and excellent communication skills. You will collaborate with customer security teams and work with other teams to ensure alignment of security operations processes. DGR Systems offers a comprehensive benefits program including health care plans, life insurance, paid time off, and a work from home program.

Requirements

• In-depth knowledge of SIEM architecture, data collection, event correlation, and alerting mechanisms
• Strong experience with SOAR platforms and automated workflows
• Familiarity with cloud security platforms (e.g., Azure, AWS, GCP) and their integration with SIEM and SOAR
• Understanding of security principles, threat detection, and incident response
• Strong problem-solving and troubleshooting abilities
• Excellent communication and collaboration skills
• Ability to work independently and in a team-oriented environment
• Strong attention to detail and a passion for cybersecurity

Responsibilities

• Design, deploy, and optimize SIEM systems (e.g., Microsoft Sentinel, Splunk, QRadar)
• Develop and maintain custom log sources, data connectors, and parsing rules to meet customer needs
• Create and optimize correlation rules, detection rules, and alerts for security events and incidents
• Perform regular tuning and fine-tuning of the SIEM platform to improve accuracy and reduce false positives
• Monitor and analyze SIEM logs and alerts to identify security incidents and anomalies
• Design, implement, and manage automated response playbooks within the SOAR platform (e.g., Azure Logic Apps, Palo Alto Networks Cortex XSOAR, Splunk Phantom) to enhance security operations
• Integrate SIEM, threat intelligence, ticketing systems, and other security tools to create seamless, automated workflows
• Develop and maintain automated incident response workflows to reduce response times and improve incident handling
• Collaborate with customer security teams to identify areas for automation in threat detection and incident response
• Work with other teams to ensure alignment of security operations processes and threat detection strategies
• Provide regular reports on the status and effectiveness of SIEM and SOAR tools for customers
• Assist in generating reports for compliance, audit, and executive leadership

Preferred Qualifications

Reside in the Midwest, Southeast, or Southwest areas of the United States

Benefits

• Group Health Care Plans (Medical, Dental & Vision)
• Company Paid Life Insurance (Basic & AD&D)
• Company Paid Short Term & Long Term Disability
• Company Paid Family Leave (Maternity, Paternity)
• Voluntary Insurance Options (Voluntary Life, Accident Insurance, Critical Illness Insurance)
• 401(k) with Company Match
• Paid Time Off (Vacation, Sick & Public Holidays)
• Certification Reimbursement
• Work From Home Program
• Wellness Resources