This role will lead the development and implementation of intelligent security solutions using SIEM, SOAR, and machine learning to enhance detection, response, and operational efficiency across the enterprise.

Key Responsibilities :

- Design, implement, and manage enterprise SIEM (Splunk) solutions for centralized log analysis and real-time event monitoring.

- Develop and fine-tune correlation rules, alerts, dashboards, and use cases to detect anomalous and malicious activity.

- Lead data ingestion and normalization from varied enterprise systems (e.g., cloud workloads, endpoints, network devices).

- Develop and maintain SOAR playbooks to automate incident detection, triage, response, and recovery.

- Optimize SOAR workflows and integrations with security infrastructure to reduce MTTD/MTTR.

- Build and apply machine learning models to identify security anomalies, enrich event context, and predict threats.

- Collaborate with Security Operations Center (SOC), DevOps, IT, and business units to align security automation with business goals.

- Analyze incident data to uncover trends and provide recommendations for improving controls and detection.

- Maintain detailed documentation for playbooks, integrations, automation processes, and incident response protocols.

- Stay abreast of industry trends and emerging tools to continually advance detection and automation strategies.

- Mentor junior engineers and assist in promoting SOAR and SIEM best practices across the team.

Required Qualifications :

- 4+ years of experience in cybersecurity engineering, including SIEM (Splunk), SOAR, and machine learning-based threat detection.

- 3+ years of experience in security automation using platforms such as Splunk SOAR, XSOAR, Swimlane, or similar.

- 3+ years in cyber data engineering or analytics : log processing, enrichment, and telemetry pipelines.

- Expertise in scripting languages like Python and PowerShell, and using REST APIs for integrations.

- Proven experience designing and deploying security automation workflows in enterprise environments.

- Bachelor's degree in Computer Science, Information Security, Engineering, or related field-or equivalent experience.

- Ability to troubleshoot complex security issues and integrate with diverse platforms.

- Strong communication and collaboration skills to work with technical and non-technical stakeholders.

Preferred Qualifications :

- Hands-on experience with cloud platforms such as AWS, Azure, or Google Cloud Platform.

- Familiarity with cloud-native security tooling, telemetry pipelines, and serverless security design patterns.

- Experience working within Agile environments and cross-functional DevSecOps teams.

- Knowledge of change management processes, compliance frameworks (e.g., NIST, ISO), and regulatory constraints in financial services.

Why Join This Engagement ?

- Help build the next generation of cybersecurity automation for a major financial institution.

- Work with cutting-edge security architecture in a cloud-first, data-driven environment.

- Contribute to industry-leading practices in SOAR, ML-driven detection, and incident response automation.