SIEM Enrichment & Monitoring

2 - 3 Years
1 Opening
Hyderabad

Role Overview
The SIEM Senior Engineer is responsible for hands-on engineering, enrichment, and monitoring of security s using Splunk. This role focuses on building high-quality detections, enriching s with meaningful context, and improving SOC analyst efficiency by reducing false positives and improving signal quality. The role works closely with SOC Analysts, SIEM Leads, and Security Engineering teams.
Key Responsibilities
Engineer, maintain, and tune Splunk-based SIEM s and correlation rules.
Monitor security s to ensure accuracy, relevance, and operational readiness.
Continuously tune s to improve signal-to-noise ratio and reduce false positives.
Implement enrichment using identity, asset, vulnerability, and threat intelligence data.
Ensure s contain actionable context such as user, asset, privilege, and business impact.
Support Splunk log onboarding, data normalization, and CIM compliance.
Optimize SPL searches, dashboards, and saved searches.
Support L2/L3 troubleshooting for SIEM s and ingestion issues.
Develop detection use cases aligned to the MITRE ATT&CK framework.
Maintain SOPs, runbooks, and SIEM documentation.
Required Skills & Experience
3-5 years of experience in SIEM, SOC, or Security Engineering roles.
Strong hands-on experience with Splunk
Proven experience in SIEM creation, tuning, and enrichment.
Strong understanding of security telemetry across endpoint, network, cloud, and IAM.
Proficiency in SPL (Search Processing Language).
Understanding of SOC workflows and incident triage.
Familiarity with the MITRE ATT&CK framework.
Preferred Qualifications
Experience integrating Splunk with IAM, CMDB, vulnerability, and threat intelligence tools.
Exposure to SOAR platforms and automated response workflows.
Scripting experience using Python or PowerShell.
Experience working in regulated environments such as healthcare or financial services.
Relevant Splunk or security certifications.

siem,security s, tuning, enrichment,