Elastic SIEM Security Architect at Synopsys
Austin, Texas, USA
Full Time


Start Date: Immediate

Expiry Date: 15 Nov, 25

Salary: 234000.0

Posted On: 16 Aug, 25

Experience: 0 year(s) or above

Remote Job: Yes

Telecommute: Yes

Sponsor Visa: No

Skills: Good communication skills

Industry: Information Technology/IT

Description

YOU ARE:

You are a highly skilled and driven Cyber Security Engineer, passionate about protecting enterprise environments and advancing threat detection capabilities. You thrive in dynamic settings, consistently seeking to improve both the security posture and the operational efficiency of SIEM platforms. Your expertise spans hands-on Elastic SIEM administration, log source onboarding, and the development of advanced threat detection strategies. You bring a collaborative spirit, working closely with application owners, CSIRT, and SecOps teams to align security objectives with business priorities. You possess a deep understanding of cloud and on-prem environments, and you leverage modern technologies and scripting languages to deliver scalable solutions. Your communication skills enable you to translate complex technical concepts into clear documentation and actionable insights. You value autonomy, taking initiative in driving projects forward and continuously exploring new data analytics and machine learning approaches to security challenges. Your curiosity and commitment to learning ensure you stay ahead of emerging threats, and your dedication to quality means you always deliver reliable, well-documented solutions. If you are ready to make a tangible impact on the security landscape at Synopsys, we invite you to join our team of innovators.

WHO YOU ARE:

  • Autonomous and self-motivated, able to drive projects independently with minimal supervision.
  • Collaborative, with strong interpersonal skills and the ability to partner across teams.
  • Analytical and detail-oriented, with a commitment to data quality and operational excellence.
  • Effective communicator, adept at explaining complex concepts to diverse audiences.
  • Curious and adaptable, eager to learn new technologies and approaches in cybersecurity.
  • Innovative, always looking for ways to enhance security operations through automation and data science.

RESPONSIBILITIES:

  • Implement, administer, and maintain the SIEM platform, ensuring robust and scalable security event management.
  • Collaborate with application owners to define and establish logging standards and requirements for enterprise systems.
  • Onboard new log sources to the SIEM via syslog, endpoint agents, and APIs, optimizing coverage and visibility.
  • Develop parsers, data enrichments, and normalization pipelines to extract actionable insights from diverse log data.
  • Design and implement strategies for log data archiving and recovery, supporting compliance and forensic needs.
  • Create advanced SIEM correlation rules, reports, and dashboards to detect and respond to emerging threats.
  • Document SIEM platform configurations and parser developments for knowledge sharing and operational continuity.
  • Partner with CSIRT and SecOps teams to tune threat detection rules, dashboards, and visualization charts for effective incident response.
  • Monitor SIEM health, usage, and data growth, proactively addressing performance and scalability challenges.
  • Develop data analytics and machine learning capabilities to enhance security use cases and threat detection.