SIEM Architect/Engineer

"I can succeed as a SIEM Architect / Engineer at Capital Group"

We are seeking a highly skilled and hands-on SIEM Architect / Engineer to lead the design, implementation, and optimization of modern SIEM solutions for our enterprise. The ideal candidate requires deep technical expertise in security data engineering, log management, and threat detection, as well as a strong consultative approach to understanding and solving complex security challenges.

Your responsibilities will include:

• Architect, build, and implement scalable and resilient SIEM solutions tailored to customer requirements.
• Leverage modern technologies such as Splunk, Cribl, Snowflake, Databricks and AWS-native services to build advanced detection and investigation capabilities.
• Analyze and normalize diverse security log sources to ensure comprehensive visibility and actionable insights.
• Collaborate with customers to understand their security operations needs and develop tailored SIEM strategies and roadmaps.
• Enable customers to fine-tune detection logic, correlation rules, and alerting mechanisms for maximum effectiveness and minimal noise.
• Integrate platforms with broader security ecosystems including SOAR, EDR, threat intelligence, and cloud-native tools.
• Build and maintain system health checks, high availability configurations, and log pipeline reliability.
• Stay current with emerging threats, SIEM technologies, and industry trends to continuously evolve detection and response strategies.
• Provide expert-level troubleshooting and resolution support for complex SIEM-related issues and performance bottlenecks.

"I am the person Capital Group is looking for."

• You have 5-7 years of experience architecting, deploying, and optimizing SIEM platforms in enterprise environments.
• You've worked hands-on with modern SIEM tools like Cribl, Splunk, AWS, Snowflake, and Databricks, and know how to tailor them to complex environments.
• You understand security telemetry deeply-logs from firewalls, endpoints, cloud services, identity providers, and applications are second nature to you.
• You automate and integrate with ease using Python, Bash, and Terraform, streamlining workflows and boosting efficiency.
• You engineer log pipelines, normalize and enrich data, and ensure it's ready for analysis and detection.
• You communicate clearly and consult effectively, translating technical requirements into business outcomes that matter.
• You're familiar with MITRE ATTACK, and skilled in detection engineering and threat hunting methodologies.
• You have a strong background in cloud security and DevSecOps, and know how to embed security into every stage of development.

In addition to a highly competitive base salary, per plan guidelines, restrictions and vesting requirements, you also will be eligible for an individual annual performance bonus, plus Capital's annual profitability bonus plus a retirement plan where Capital contributes 15% of your eligible earnings.

You can learn more about our compensation and benefits here.

* Temporary positions in Canada and the United States are excluded from the above mentioned compensation and benefit plans.

We are an equal opportunity employer, which means we comply with all federal, state and local laws that prohibit discrimination when making all decisions about employment. As equal opportunity employers, our policies prohibit unlawful discrimination on the basis of race, religion, color, national origin, ancestry, sex (including gender and gender identity), pregnancy, childbirth and related medical conditions, age, physical or mental disability, medical condition, genetic information, marital status, sexual orientation, citizenship status, AIDS/HIV status, political activities or affiliations, military or veteran status, status as a victim of domestic violence, assault or stalking or any other characteristic protected by federal, state or local law.