SIEM Implementation - Subcontractor

Area(s) of responsibility

We are seeking an experienced SIEM Implementation Engineer to lead the design, deployment, and optimization of CrowdStrike Next-Gen SIEM. This role involves end-to-end implementation, log source onboarding, use case development, and integration with security operations to enhance threat detection and response capabilities.

Key Responsibilities

• Design, deploy, and configure CrowdStrike NG SIEM platform from scratch.
• Identify, onboard, and normalize log sources (servers, endpoints, network devices, cloud).
• Develop and maintain parsing rules, correlation logic, dashboards, and threat detection use cases.
• Integrate SIEM with EDR, threat intelligence, and security workflows for improved visibility.
• Collaborate with SOC teams to define alerting mechanisms and incident response processes.
• Conduct risk assessments, security audits, and ensure compliance with frameworks (NIST, ISO 27001).
• Optimize SIEM performance, tune rules, and reduce false positives.
• Automate SIEM tasks using PowerShell, Python, or similar scripting tools.
• Provide documentation, training, and technical guidance to internal teams.
• Stay updated on SIEM advancements, CrowdStrike best practices, and emerging threats.
  
  

• Education: Bachelor’s degree in Computer Science, Information Security, or related field (Master’s preferred).
• Experience:
• 6–10+ years in cybersecurity with strong SIEM implementation experience.
• Proven expertise in CrowdStrike NG SIEM deployment and administration.
• Technical Skills:
• Deep understanding of log collection, event correlation, and threat detection methodologies.
• Familiarity with MITRE ATT&CK, incident response workflows, and compliance frameworks.
• Strong scripting and automation skills (PowerShell, Python).
• Certifications:
• CrowdStrike Certified Falcon Administrator (mandatory).
• Additional security certifications (CISSP, CISM) preferred.
• Strong analytical, troubleshooting, and problem-solving skills.