{bc}
linkedin

SIEM Integration role

Gibraltar Technologies LLC
Dubai, UAE
fulltime
Mid-Senior
Today
IntegrationSiem
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

IntegrationSiem
Smart Apply

Full Job Posting

Siem Integration Engineer

*Alternative titles:*

SIEM Engineer, Security Integration Engineer, SOC Integration Specialist

Role Summary

We are looking for a

Siem Integration Engineer

to design, implement, and maintain integrations between enterprise systems and the SIEM platform.

The role focuses on onboarding log sources, normalizing security events, parsing data, building use cases, and improving threat detection visibility across the environment.

The ideal candidate should have hands-on experience with

SIEM tools

,

log management

,

security event correlation

,

API-based integrations

, and

SOC operations

.

Key Responsibilities

  • Integrate and onboard log sources into the SIEM from:
  • Firewalls
  • IDS/IPS
  • EDR/XDR tools
  • Windows/Linux servers
  • Cloud platforms
  • IAM solutions
  • Network devices
  • Applications and databases
  • Configure log collection methods such as:
  • Syslog
  • API
  • Agents
  • Connectors
  • Event hubs/message queues
  • Develop and maintain:
  • Parsers
  • Field extractions
  • Log normalization rules
  • Correlation rules
  • Detection use cases
  • Dashboards and alerts
  • Validate data quality, timestamp accuracy, event mapping, and parsing consistency.
  • Troubleshoot ingestion failures, duplicate logs, missing fields, and performance bottlenecks.
  • Work closely with SOC analysts, security architects, infra teams, and application owners.
  • Support incident investigation by ensuring critical telemetry is available in the SIEM.
  • Optimize log source onboarding for scalability, retention, and compliance requirements.
  • Tune alerts to reduce false positives and improve detection fidelity.
  • Document integration procedures, parser logic, onboarding checklists, and operational runbooks.

Required Skills

  • Strong understanding of
  • SIEM architecture and log flow
  • Experience with one or more SIEM platforms such as:
  • Splunk
  • Microsoft Sentinel
  • QRadar
  • ArcSight
  • LogRhythm
  • Elastic Security
  • Knowledge of security logs from:

• Windows Event Logs

  • Linux syslog
  • Firewall logs
  • Proxy logs
  • Active Directory
  • Cloud audit logs
  • EDR telemetry
  • Hands-on experience with:
  • Log parsing
  • Regex
  • JSON/XML log formats
  • Syslog protocols
  • REST APIs
  • Scripting using Python, PowerShell, or Bash
  • Good understanding of:
  • MITRE ATT&CK
  • Incident response
  • Detection engineering
  • Threat monitoring
  • Familiarity with network and security concepts:
  • TCP/IP
  • DNS
  • HTTP/HTTPS
  • VPN
  • Authentication protocols
  • IAM concepts
  • Ability to analyze and troubleshoot ingestion and correlation issues.

Preferred Skills

  • Experience in cloud SIEM integrations for:
  • AWS
  • Azure
  • GCP
  • Familiarity with SOAR integration workflows
  • Knowledge of compliance logging requirements such as:
  • ISO 27001
  • PCI-DSS
  • HIPAA
  • GDPR
  • Experience creating custom detections and use cases
  • Exposure to threat intelligence feed integration
  • Understanding of data retention, storage, and SIEM licensing impact

Qualifications

  • Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field
  • Typically
  • 3 to 7 years
  • of experience in SIEM, SOC, log management, or security engineering
  • Relevant certifications are a plus:

• Splunk Core And Enterprise Security

  • Microsoft Sentinel certifications
  • QRadar certifications

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at Gibraltar Technologies LLC