Posted on: 08/10/2025
Job Summary:
We are looking for a highly skilled and motivated Cloud Security Engineer with hands-on experience in Security Information and Event Management (SIEM) systems.
In this role, you will be responsible for the design, deployment, configuration, and management of SIEM platforms to monitor and secure our cloud infrastructure (AWS, Azure, or GCP).
You will also work closely with Security Operations Center (SOC) teams to identify threats, create detection use cases, and respond to incidents.
Key Responsibilities:
- Design, implement, and maintain SIEM platforms (e.g., Splunk, Azure Sentinel, IBM QRadar, or Chronicle SIEM).
- Develop and optimize log ingestion pipelines from various cloud-native and hybrid sources (AWS CloudTrail, Azure Monitor, GCP Cloud Logging, firewalls, endpoints, etc.).
- Create and fine-tune detection rules, correlation searches, and dashboards to identify security anomalies.
- Build and maintain custom parsers or log source integrations when required.
- Implement and monitor security controls in cloud environments (AWS, Azure, GCP) aligned with best practices (e.g., CIS Benchmarks, NIST, MITRE ATT&CK).
- Perform real-time log analysis and alert triaging to detect malicious activity or misconfigurations.
- Develop automated response playbooks using SOAR platforms (e.g., Splunk SOAR, Microsoft Sentinel Automation, XSOAR).
- Assist in threat hunting and proactively look for indicators of compromise (IOCs) in cloud environments.
- Collaborate with DevOps, Cloud Engineering, and SOC teams to ensure end-to-end visibility and protection.
- Work with compliance and governance teams to meet regulatory and audit requirements (e.g., ISO 27001, SOC 2, PCI-DSS).
- Provide security recommendations based on analysis and findings from SIEM data.
- Support internal and external audits by providing logs and evidence from the SIEM.
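The responsibilities above ask for detection rules, correlation searches and IOC hunting over cloud logs. The following is an added example, not code from the posting or from the employer: three detection rules in the style a SIEM engineer would later port to Splunk SPL, KQL or YARA-L, run here over constructed CloudTrail-style events (the account ID, user names and trail name are invented). Rule names, severities and the ATT&CK mappings (T1562.008 Disable or Modify Cloud Logs, T1078.004 Cloud Accounts, T1580 Cloud Infrastructure Discovery) are the author's choices, not a vendor's.

```python
"""Three cloud detection rules run over constructed CloudTrail-style events."""
from collections import defaultdict
from datetime import datetime, timedelta

ACCOUNT = "111122223333"  # invented account ID

# Constructed sample events (not real data). Field names follow the CloudTrail
# record format; values are made up for the example.
SAMPLE_EVENTS = [
    {"eventTime": "2025-10-08T09:00:00Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin",
     "userIdentity": {"type": "IAMUser", "arn": f"arn:aws:iam::{ACCOUNT}:user/alice"},
     "responseElements": {"ConsoleLogin": "Success"},
     "additionalEventData": {"MFAUsed": "Yes"}},
    {"eventTime": "2025-10-08T09:01:00Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin",
     "userIdentity": {"type": "IAMUser", "arn": f"arn:aws:iam::{ACCOUNT}:user/bob"},
     "responseElements": {"ConsoleLogin": "Success"},
     "additionalEventData": {"MFAUsed": "No"}},
    {"eventTime": "2025-10-08T09:02:00Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "StopLogging",
     "userIdentity": {"type": "IAMUser", "arn": f"arn:aws:iam::{ACCOUNT}:user/bob"},
     "requestParameters": {"name": "org-trail"}},
]
# Burst of AccessDenied errors from one principal within a few minutes.
SAMPLE_EVENTS += [
    {"eventTime": f"2025-10-08T09:{3 + i:02d}:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "ListBuckets", "errorCode": "AccessDenied",
     "userIdentity": {"type": "IAMUser", "arn": f"arn:aws:iam::{ACCOUNT}:user/bob"}}
    for i in range(6)
]

# CloudTrail API calls that stop, delete or reconfigure a trail.
LOGGING_TAMPER_CALLS = {"StopLogging", "DeleteTrail", "UpdateTrail", "PutEventSelectors"}


def principal(event):
    return event.get("userIdentity", {}).get("arn", "unknown")


def parse_time(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")


def rule_logging_tamper(event):
    """Single-event rule: a trail was stopped/deleted/reconfigured and the call succeeded."""
    if (event.get("eventSource") == "cloudtrail.amazonaws.com"
            and event.get("eventName") in LOGGING_TAMPER_CALLS
            and "errorCode" not in event):  # failed attempts are a separate, lower-severity case
        trail = event.get("requestParameters", {}).get("name", "?")
        return {"rule": "cloudtrail_logging_tamper", "technique": "T1562.008",
                "severity": "high", "principal": principal(event),
                "detail": f"{event['eventName']} on trail {trail}"}
    return None


def rule_console_login_no_mfa(event):
    """Single-event rule: successful console login where MFAUsed is anything but 'Yes'."""
    if (event.get("eventName") == "ConsoleLogin"
            and event.get("responseElements", {}).get("ConsoleLogin") == "Success"
            and event.get("additionalEventData", {}).get("MFAUsed") != "Yes"):
        return {"rule": "console_login_without_mfa", "technique": "T1078.004",
                "severity": "medium", "principal": principal(event),
                "detail": "ConsoleLogin succeeded with MFAUsed != Yes"}
    return None


def rule_access_denied_burst(events, threshold=5, window=timedelta(minutes=10)):
    """Correlation rule: at least `threshold` AccessDenied errors from one principal
    inside a sliding `window`, the typical signature of permission enumeration."""
    by_principal = defaultdict(list)
    for ev in events:
        if ev.get("errorCode") == "AccessDenied":
            by_principal[principal(ev)].append(parse_time(ev["eventTime"]))
    alerts = []
    for who, times in by_principal.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:  # shrink window from the left
                start += 1
            if end - start + 1 >= threshold:
                alerts.append({"rule": "access_denied_burst", "technique": "T1580",
                               "severity": "medium", "principal": who,
                               "detail": f"{end - start + 1} AccessDenied errors within "
                                         f"{int(window.total_seconds() // 60)} min"})
                break  # one alert per principal per evaluation
    return alerts


def run_rules(events):
    """Apply the per-event rules in order, then the correlation rule over the whole batch."""
    alerts = []
    for ev in events:
        for rule in (rule_logging_tamper, rule_console_login_no_mfa):
            hit = rule(ev)
            if hit:
                alerts.append(hit)
    alerts.extend(rule_access_denied_burst(events))
    return alerts


if __name__ == "__main__":
    for a in run_rules(SAMPLE_EVENTS):
        print(f"[{a['severity'].upper()}] {a['rule']} {a['technique']} {a['principal']}: {a['detail']}")
```

The per-event rules fire as each record is ingested, while the burst rule needs state across records, which is the distinction between a simple search and a correlation search in most SIEMs. Note the MFA check is written as `!= "Yes"` rather than `== "No"` so that a missing field still alerts; federated logins that lack `additionalEventData` will then need an explicit exclusion during tuning.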
Required Qualifications & Skills:
- Bachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent experience).
- 4+ years of experience in Cybersecurity with at least 2 years focused on SIEM in cloud environments.
- Deep knowledge of SIEM platforms (e.g., Splunk, Sentinel, QRadar, Sumo Logic, Chronicle).
- Strong experience with log analysis, detection rule creation, and event correlation.
- Understanding of cloud-native security tools (e.g., AWS GuardDuty, CloudTrail, Azure Defender, GCP Security Command Center).
- Knowledge of security frameworks: MITRE ATT&CK, NIST 800-53, CIS, OWASP.
- Proficiency with scripting languages (e.g., Python, PowerShell, Bash) for automation.
- Familiarity with identity and access management (IAM) and network security principles in cloud
Posted in: CyberSecurity
Functional Area: Cyber Security
Job Code: 1557529