Overview

The SIEM Engineer/Security DevOps will be responsible for building and maintaining automation, integrations, and detection logic to support global security operations. This role blends software engineering, cloud infrastructure, and cybersecurity expertise, ensuring compliance with ITIL and ISO 27001/27002 standards.

Client: Our client is a multinational company dedicated to cybersecurity, with their team operating in Spain.

Responsibilities:
  • Design and develop automation scripts, integrations, and security workflows using Python.
  • Build and maintain REST API–based integrations across internal and third-party systems.
  • Create ETL pipelines and data collectors for secure, reliable data ingestion and transport.
  • Implement data normalization logic and detection mechanisms to identify policy violations.
  • Manage version control and workflow using Git and JIRA.
  • Build and maintain CI/CD pipelines and automation workflows in Jenkins.
  • Diagnose and troubleshoot network issues using OS and cloud tools (e.g., tracepath, nc, socat).
  • Support and maintain multi-cloud environments across OCI, AWS, GCP, and Microsoft Azure.
  • Apply ITIL principles and ensure compliance with ISO 27001/27002 standards.
  • Review and prepare internal security policies, low-level designs, and operational procedures.
  • Administer and harden Linux systems (including SELinux).
  • Conduct system and application audits across Linux, Windows, and cloud platforms.
  • Support SIEM and log management technologies including Google Chronicle, ObserveInc, and Trellix ESM.
  • Develop and optimize log routing and preprocessing pipelines using Logstash, Vector, and Fluentbit.
  • Collaborate with cross-functional teams to ensure secure integrations and reliable data flow.
  • Participate in continuous improvement initiatives for internal security automation and detection capabilities.
Required Qualifications:
  • Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or a related technical field.
  • 3–5 years of experience in Information Security, Security Automation, or Infrastructure Engineering roles.
  • Strong Python scripting and REST API integration experience.
  • Working knowledge of network fundamentals, including firewalls, routing, and the OSI model.
  • Hands-on experience with multi-cloud platforms (OCI, AWS, GCP, Azure).
  • Solid understanding of Linux administration and system hardening practices.
  • Experience with CI/CD tools such as Jenkins and version control with Git.
  • Familiarity with ITIL framework and ISO 27001/27002 compliance processes.
  • Experience managing and troubleshooting SIEM, log ingestion, and data normalization workflows.
Nice To Have:
  • Master’s degree in Cybersecurity, Computer Science, or Engineering.
  • Relevant certifications: GIAC GSEC, AWS Certified Security, ISO 27001 Implementer, or equivalent.
  • Experience with ETL frameworks and large-scale data pipelines.
  • Exposure to security automation, detection engineering, or policy-driven logic.
  • Prior experience with Google Chronicle, ObserveInc, or Trellix ESM platforms.
  • Working knowledge of on-prem virtualization (VMware, Proxmox).
  • Familiarity with DevOps practices and infrastructure as code principles.
  • Experience auditing and hardening Windows and Linux systems in enterprise environments.