Security Information and Event Management Engineer

Addison Group

Job Title: SIEM Engineer

Reports To: Information Security Manager

Location: Onsite 3-4 days per week at HQ office 225 W Randolph St 19th Floor, Chicago, IL 60606

Compensation: $105K - 125K depending on experience

Position Summary:

We are seeking a skilled SIEM Engineer to join our Information Security team. The ideal candidate will be responsible for designing, implementing, maintaining, and optimizing our SIEM platform to ensure real-time visibility, detection, and response to security threats across the enterprise. You will work closely with the information security team, infrastructure teams, and application owners to ensure log integrity and security monitoring coverage.

Key Responsibilities:

  • Design, implement, and maintain SIEM solutions (e.g., Splunk, QRadar, LogRhythm, Sentinel, etc.)
  • Integrate log sources from various systems, applications, and cloud environments into the SIEM.
  • Architect, implement, and maintain SOAR platforms; build automated playbooks and workflows to accelerate detection and incident response.
  • Develop and fine-tune correlation rules, dashboards, alerts, and use cases based on threat intelligence and MITRE ATT&CK.
  • Support incident response teams by providing context and data via the SIEM platform.
  • Conduct threat hunting using SIEM data to proactively detect indicators of compromise (IOCs).
  • Integrate threat intelligence feeds into SIEM for enriched analysis.
  • Ensure log retention meets policy standards.
  • Create and maintain SIEM documentation, including log onboarding procedures and use case development.
  • Stay up to date on the latest security trends, vulnerabilities, and detection techniques.
  • Provide on-call support or off-hours assistance as needed for critical issues.

Qualifications:

  • Required:
    • Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a related field.
    • 3+ years of experience with SIEM technologies.
    • 1–3 years of experience working with SOAR platforms.
    • Strong understanding of security operations, log formats, and common network/application protocols.
    • Strong understanding of security logging standards, incident response, and threat detection.
    • Proficiency in scripting languages such as Python, PowerShell, or Bash.
    • Familiarity with MITRE ATT&CK, NIST, threat intelligence, and use case development.
  • Preferred:
    • Experience with scripting languages (Python, PowerShell, Bash) for automation.
    • Knowledge of cloud platforms and security logging (AWS CloudTrail, Azure Monitor, GCP Logging).
    • Prior experience in a SOC or MSSP environment.
    • Ability to manage multiple projects and stakeholders effectively.

Benefits:

Ability to create your own Healthcare package; BCBS medical, dental, and vision - it’s your choice!

401(K) with up to 4% matching

Flexible PTO

Target 10% annual bonus of salary

Pre-tax commuter benefits, including Uber Pool

Addison Group Wellness Program

Seasonal parties and events
