Associate Engineer - Platform Security (Fixed Term) at Millennium IT ESP
Colombo, Western Province, Sri Lanka
Full Time


Start Date

Immediate

Expiry Date

27 Apr, 26

Salary

0.0

Posted On

27 Jan, 26

Experience

0 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Microsoft Sentinel, FortiSIEM, Splunk, Log Collection, Event Correlation, Detection Engineering, Cybersecurity Frameworks, Linux Operating System, PowerShell, Python, Bash, Analytical Skills, Problem-Solving, Communication Skills, Teamwork, Attention to Detail

Industry

IT Services and IT Consulting

Description
Job Description

- Manage daily operations of Microsoft Sentinel, FortiSIEM, Splunk, and other SIEM tools to ensure stability, performance, and continuous availability
- Onboard log sources; configure and validate connectors, agents, and ingestion pipelines to ensure accurate log collection, parsing, and normalization from various technologies
- Create correlation rules, analytics rules, and detection logic while continuously fine-tuning them to increase true positives and reduce false positives
- Assist SOC analysts by resolving SIEM-related issues such as detection failures, log gaps, platform errors, or alert inconsistencies
- Support SIEM deployments, upgrades, customer onboardings, and feature rollouts by contributing to technical configurations and requirements
- Map use cases to MITRE ATT&CK, incorporate emerging TTPs, and implement new rules based on threat intelligence and attack trends
- Perform routine health checks, monitor ingestion pipelines, and proactively address scalability, reliability, or performance-related issues
- Assist in developing and maintaining automation playbooks to improve SOC efficiency and reduce manual workload
- Maintain updated documentation, including architecture diagrams, rule libraries, onboarding guides, troubleshooting steps, and operational playbooks
- Work closely with SOC analysts, network teams, cloud engineers, threat hunters, and customer stakeholders to ensure smooth and secure operations

Person Specification

- Bachelor's degree in Computer Science, Information Security, Cybersecurity, or related disciplines
- 1-3 years of experience in SOC operations, SIEM administration, security engineering, or related fields
- Experience with at least one SIEM platform such as Microsoft Sentinel, FortiSIEM, or Splunk
- Understanding of log collection, parsing, event correlation, and rule creation
- Knowledge of detection engineering principles and cybersecurity frameworks (e.g., MITRE ATT&CK)
- Familiarity with security tools such as firewalls, IDS/IPS, EDR, vulnerability scanners, and cloud security services
- Familiarity with the Linux operating system and scripting knowledge in PowerShell, Python, or Bash is an added advantage
- Strong analytical and problem-solving abilities
- Excellent communication and teamwork skills
- High attention to detail and a proactive learning mindset
- Relevant certification such as: Microsoft SC-200 / AZ-500, Fortinet NSE 4/5/6, CompTIA Security+, CySA+, CEH, or any SOC/SIEM-related certification
- Relevant certifications, such as CISSP or CEH, will be an added advantage
Responsibilities
Manage daily operations of SIEM tools to ensure stability and performance. Assist SOC analysts with SIEM-related issues and support deployments and upgrades.