hirist

Adamsbridge - Senior Security Engineer - SIEM Solutions

Adamsbridge Services Private Limited
Multiple Locations
9 - 14 Years

Posted on: 02/09/2025

Job Description

We are looking for a Senior Blue Team Security Engineer who is passionate about defending modern infrastructure using open-source tools, scripting, and automation.


The ideal candidate will work closely with our cybersecurity architect and contribute to threat detection engineering, log automation, SIEM operations, and security hardening across the infrastructure stack.


This role requires deep hands-on skills across Linux, scripting, web security, and open-source technologies.


Key Responsibilities :


- Configure, tune, and manage open-source SIEM solutions (e.g., Wazuh) and IDS/IPS tools (e.g., Suricata)

- Automate log ingestion, enrichment, parsing, and correlation using Python, Bash, or PowerShell

- Maintain and customize firewalls (e.g., CSF, pfSense, VyOS) for network-level defense

- Monitor and investigate alerts, vulnerabilities, and anomalies from SAST, DAST, and SIEM

- Deploy and harden NGINX / OpenResty web servers, including custom Lua-based security modules

- Integrate and manage IAM/IdP platforms such as Keycloak, covering OAuth2, JWT, SAML, TOTP, and RBAC

- Secure containers and orchestration platforms (Docker, Kubernetes) and enforce best practices

- Implement Linux system hardening and optimize performance for critical workloads

- Collaborate with Red Team and DevSecOps on detection rules, attack simulations, and alert fidelity

- Contribute to a threat-informed defense aligned with HIPAA, SOC2, and Zero Trust


Required Skills :


- Expert-level Linux administration and performance tuning

- Strong proficiency in Python, Bash/Shell, and optionally PowerShell

- Experience with Wazuh, Suricata, Syslog, and log correlation

- Deep hands-on experience in NGINX / OpenResty, including custom configuration and tuning

- Proven automation experience for:

  - Log parsing

  - Security alerting

  - Threat enrichment

- Hands-on with firewall systems like pfSense, VyOS, CSF

- Experience with Keycloak IAM/IdP, OAuth2, JWT, TOTP, RBAC

- Experience with MongoDB security and logging (field-level encryption experience optional)

- Experience with Docker and Kubernetes for container security and runtime hardening

- Familiarity with SAST/DAST tools and how to triage and fix issues from reports



Preferred Skills :


- Experience customizing or extending open-source security tools

- Ability to write Lua scripts for OpenResty WAF custom rules

- Familiarity with threat intelligence ingestion (AbuseIPDB, OTX, etc.)

- Knowledge of CI/CD pipeline security (GitHub Actions, GitLab CI, Jenkins)

- Familiarity with compliance frameworks (HIPAA, SOC2, ISO 27001)

