Sr. Security Engineer - SIEM, Automation & Elastic Security

Red Lobster Hospitality LLC

Orlando, FL

JOB DETAILS
SKILLS
Ansible, Automation, Bash Scripting, CISSP - Certified Information Systems Security Professional, Cloud Computing, Communication Skills, Computer Science, Computer Security, Computer Servers, Cross-Functional, Customer Support/Service, Data Processing, DevOps, Ecosystems, Elasticsearch, Emerging Technology, Enterprise Applications, Enterprise Protection, Establish Priorities, Forensic Science, GIAC - Global Information Assurance Certification, High Availability, Hospitality and Tourism, Hunting, Identify Issues, Incident Response, Internet Security, Leadership, Lift/Move 25 Pounds, Linux Operating System, Metrics, Microsoft Windows Azure, Microsoft Windows Server, Multiplatform/Cross-Platform, Network Performance/Analysis, Network Security, Network Systems, Operations Processes, Operations Security (OPSEC), Penetration Testing, Performance Management, Performance Metrics, Performance Tuning/Optimization, Persuasion Skills, Physical Demands, Presentation/Verbal Skills, Problem Solving Skills, Product Development, Programming Methodologies, Project/Program Management, Python Programming/Scripting Language, Reporting Dashboards, Root Cause Analysis, Scripting (Scripting Languages), Security Architecture, Security Attacks, Security Information and Event Management (SIEM), Security Infrastructure, Security Monitoring, Signal-to-noise Ratio (SNR), Software Patches, Systems Analysis, Team Lead/Manager, Team Player, Technical Leadership, Telemetry, Trend Analysis, Use Cases, Vulnerability Scanners, Windows PowerShell, Writing Skills
LOCATION
Orlando, FL
POSTED
30+ days ago


Req. Number 2026-48703

Posted Date 3/17/2026

Full Address 450 S. Orange Ave Orlando FL

Overview

SUMMARY: Serve as a senior member of the Cybersecurity Engineering team responsible for designing, implementing, and optimizing enterprise security monitoring and automation capabilities. Lead the architecture and operational maturity of the organization's SIEM platform, with a focus on Elasticsearch and security automation, to improve threat detection, incident response, and visibility across enterprise infrastructure. Partner with product, platform, DevOps, and security teams to integrate security telemetry, automate workflows, and strengthen the organization's overall cybersecurity posture.

ESSENTIAL PRIMARY DUTIES, FUNCTIONS, AND RESPONSIBILITIES

  • Design, implement, and maintain enterprise SIEM infrastructure, including Elasticsearch clusters, log pipelines, indexing strategies, and data ingestion from cloud, network, endpoint, and application sources.
  • Develop and maintain SIEM detection content, including correlation rules, dashboards, threat detection use cases, and alerting frameworks, to improve security monitoring and incident detection.
  • Lead the Elasticsearch roadmap and platform strategy, ensuring scalability, high availability, performance optimization, and alignment with enterprise security initiatives.
  • Build security automation workflows and scripts to streamline incident response, threat hunting, log enrichment, and security operations processes.
  • Integrate SIEM/SOAR capabilities with security technologies, including EDR, threat intelligence platforms, vulnerability scanners, identity systems, and network security tools, to create a unified security monitoring ecosystem.
  • Tune and optimize detection logic and log pipelines to reduce false positives and improve the signal-to-noise ratio across security monitoring platforms.
  • Collaborate with SOC analysts and incident response teams to investigate alerts, conduct forensic analysis, and identify root causes of security incidents.
  • Ingest and operationalize threat intelligence feeds to enhance detection capabilities and proactively identify emerging threats.
  • Implement monitoring and alerting frameworks to ensure the health, performance, and availability of SIEM and Elasticsearch infrastructure.
  • Analyze network, system, and application logs to identify security incidents, anomalies, and threat activity trends.
  • Partner with cross-functional IT teams to integrate security telemetry from cloud platforms (Azure/AWS), Linux and Windows servers, networking systems, and enterprise applications.
  • Develop automation workflows for operational security tasks, including vulnerability management, patch validation, and configuration monitoring.
  • Support incident response planning and execution, leveraging SIEM analytics and automation to accelerate investigation and containment.
  • Generate security metrics and reporting on incident trends, detection effectiveness, and operational KPIs for leadership and governance reporting.
  • Assist with cybersecurity audits, vulnerability assessments, and penetration test remediation efforts.
  • Contribute to the development and improvement of security architecture standards, policies, and governance frameworks.
  • Evaluate emerging security technologies and recommend improvements to security monitoring, automation, and detection capabilities.
  • Provide mentorship and guidance to junior security engineers and analysts while promoting security engineering best practices across teams.

JOB REQUIREMENTS, SKILLS & EXPERIENCE

EDUCATION AND BUSINESS EXPERIENCE

  • Bachelor's degree (B.A. or B.S.) in computer science, cybersecurity, or a related field from a four-year college or university.
  • At least 5 years of experience in cybersecurity, especially in a security engineering role.
  • Three or more years of progressive technology management experience in cross-functional teams.
  • Strong familiarity with project and program management disciplines, methodologies, and processes.
  • Familiarity with the functioning of a program management office and governance frameworks.
  • Hands-on experience with cross-functional execution.
  • Hospitality industry product development experience is a plus.

TECHNICAL EXPERIENCE

  • SIEM Platforms: Elastic Stack (Elasticsearch, Logstash, Kibana), Azure Sentinel
  • Automation & Scripting: Python, PowerShell, Bash, Ansible
  • Security Technologies: EDR, CASB, SASE, SWG, ZTNA, DLP, IAM, PAM/PIM, WAF, IDS/IPS
  • Infrastructure: Linux, Windows Server, Cloud (Azure/AWS/GCP), network security devices
  • Logging & Data Processing: Syslog, log parsing, regex/grok pipelines, data normalization
  • Security Domains: Threat detection, incident response, threat intelligence integration, log analytics, security automation

KNOWLEDGE, SKILLS, AND ABILITIES

  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
  • Strong problem-solving and troubleshooting skills.
  • Deep understanding of current and emerging cybersecurity technologies, how other enterprises are employing them, and how they may be applied to drive digital business.
  • Strong customer service orientation, combined with persuasive skills and diplomacy to lead change and guide decisions.
  • Highly self-motivated and self-directed.
  • Team-oriented and skilled in working within a collaborative environment.
  • Ability to appropriately prioritize and execute tasks in a fast-paced, service-intensive environment.
  • Effective oral and written communication skills, including the ability to explain digital concepts and technologies to business leaders as well as business concepts to technologists.
  • Ability to interact effectively with all levels of management, from individual contributors to the executive team.

CERTIFICATIONS AND/OR LICENSES

  • Certified Information Systems Security Professional (CISSP) desired but not required.
  • Additional certifications such as GIAC, CEH, or SIEM platform certifications are beneficial.

WORK ENVIRONMENT AND PHYSICAL DEMANDS

  • Ability to stand, bend, stoop, sit, walk, twist, and turn.
  • Ability to lift up to 25 pounds occasionally.
  • Ability to use a computer keyboard and calculator.
