About the Role

We are seeking a seasoned Senior Engineer with strong SOC/SIEM experience to join our team for the XSIAM project supporting government clients. This role focuses on the deployment and migration of SIEM solutions, working closely with customers to deliver quick wins while ensuring smooth onboarding of data sources and development of correlation rules.

You will be a key project engineer interfacing directly with clients, driving implementation efforts, and contributing to the success of SIEM initiatives. Technical skills such as Python scripting, query languages, and regex are important but secondary to your SOC/SIEM expertise and ability to learn and adapt on the job.

Key Responsibilities

• Lead and execute SIEM deployment and migration projects for government clients.
• Work closely with SOC teams and stakeholders to onboard data sources using parsing and regex-based rules.
• Develop and refine correlation rules using Python and query languages to detect relevant security events.
• Collaborate with clients to understand their environment and deliver quick-win solutions during deployment.
• Troubleshoot and resolve issues related to data ingestion, rule creation, and SIEM performance.
• Document processes, configurations, and lessons learned to support knowledge sharing and future projects.
• Continuously learn and adapt to new technologies, SIEM features, and security threats.

Essential Skills & Experience

• 5+ years of hands-on experience working in SOC environments with a strong focus on SIEM technologies.
• Proven track record of SIEM deployment, migration, or major upgrades, preferably in government or highly regulated environments.
• Intermediate proficiency in Python scripting for automation and rule creation.
• Strong knowledge of query languages specific to SIEM platforms (e.g., SPL, KQL, or similar).
• Experience with regex for parsing and onboarding diverse data sources.
• Ability to communicate effectively with technical and non-technical stakeholders.
• Security clearance: Minimum NV2 (required for Canberra-based government projects).

Desirable

• Experience with XSIAM or similar advanced SIEM/XDR platforms.
• Familiarity with SOC operations, incident detection, and response workflows.
• Knowledge of automation tools and frameworks within security operations.