Elastic SIEM Security Architect

Elastic Siem Security Architect

At Synopsys, we drive the innovations that shape the way we live and connect. Our technology is central to the Era of Pervasive Intelligence, from self-driving cars to learning machines. We lead in chip design, verification, and IP integration, empowering the creation of high-performance silicon chips and software content. Join us to transform the future through continuous technological innovation.

You are a highly skilled and driven Cyber Security Engineer, passionate about protecting enterprise environments and advancing threat detection capabilities. You thrive in dynamic settings, consistently seeking to improve both the security posture and the operational efficiency of SIEM platforms. Your expertise spans hands-on Elastic SIEM administration, log source onboarding, and the development of advanced threat detection strategies. You bring a collaborative spirit, working closely with application owners, CSIRT, and SecOps teams to align security objectives with business priorities. You possess a deep understanding of cloud and on-prem environments, and you leverage modern technologies and scripting languages to deliver scalable solutions. Your communication skills enable you to translate complex technical concepts into clear documentation and actionable insights. You value autonomy, taking initiative in driving projects forward and continuously exploring new data analytics and machine learning approaches to security challenges. Your curiosity and commitment to learning ensure you stay ahead of emerging threats, and your dedication to quality means you always deliver reliable, well-documented solutions. If you are ready to make a tangible impact on the security landscape at Synopsys, we invite you to join our team of innovators.

What you'll be doing :

• Implement, administer, and maintain the SIEM platform, ensuring robust and scalable security event management.
• Collaborate with application owners to define and establish logging standards and requirements for enterprise systems.
• Onboard new log sources to the SIEM via syslog, endpoint agents, and APIs, optimizing coverage and visibility.
• Develop parsers, data enrichments, and normalization pipelines to extract actionable insights from diverse log data.
• Design and implement strategies for log data archiving and recovery, supporting compliance and forensic needs.
• Create advanced SIEM correlation rules, reports, and dashboards to detect and respond to emerging threats.
• Document SIEM platform configurations and parser developments for knowledge sharing and operational continuity.
• Partner with CSIRT and SecOps teams to tune threat detection rules, dashboards, and visualization charts for effective incident response.
• Monitor SIEM health, usage, and data growth, proactively addressing performance and scalability challenges.
• Develop data analytics and machine learning capabilities to enhance security use cases and threat detection.

The impact you will have :

What you'll need :

Who you are :

The team you'll be a part of :

You'll join a forward-thinking Cyber Security Engineering team dedicated to building and maintaining world-class security event management infrastructure. The team's core focus is on advancing Synopsys' capabilities in threat detection, incident response, and security analytics. Together, you'll collaborate with CSIRT, SecOps, and business application owners to deliver scalable solutions, drive innovation, and ensure the safety and integrity of Synopsys' global operations.

Rewards and benefits :

We offer a comprehensive range of health, wellness, and financial benefits to cater to your needs. Our total rewards include both monetary and non-monetary offerings. Your recruiter will provide more details about the salary range and benefits during the hiring process.