Platform SIEM Engineer II

While proximity to Tampa is preferred to support a hybrid schedule in our Tampa Center of Excellence, we're open to remote candidates who can support the Eastern Time Zone.

The Platform SIEM Engineer II's primary goal is to provide expert production support for the Deepwatch managed security service offerings. Platform SIEM Engineers are responsible for the configuration, operation, and optimization of all SIEM systems and resources within Deepwatch. This position is ideal for candidates with experience in SIEM administration, systems engineering, or security operations who are ready to operate more independently in a fast-paced environment. The role provides hands-on experience supporting modern, cloud-native SIEM platforms at scale, working alongside senior Platform SIEM and Detection Engineers to onboard data sources, maintain platform health, troubleshoot data pipeline issues, and ensure our customers' operational and security data is flowing, searchable, and reliable.

Candidates must display aptitude and ability to manage a multitude of technology solutions in a fast paced environment. Candidates must also offer informed solutions or recommendations based on the understanding of the issue in front of them. This position is virtual / remote working from a home office unless traveling to a corporate office or client site.

In this role, you'll get to:

• Provide first line support of production impacting issues before engaging additional resources
• Monitor, manage, and optimize SIEM platform performance, which includes but are not limited to:

• Splunk
• Google SecOps
• Microsoft Sentinel
• Securonix
• CrowdStrike NG SIEM
• Palo Alto XSIAM

• Maintain, manage, and troubleshoot log collection solutions running on Linux and Windows systems supporting data pipelines into SIEM platforms.
• Identify and remediate critical log ingest gaps to support continuous security monitoring
• Communicate with leadership and support roles (internal and external)
• Manage ticket request/incident statuses and provide timely follow up to internal and external customers
• Participate in projects/initiatives as needed
• Document network architectures and topologies
• Keep up-to-date with information security news, techniques, and trends

Do you have experience in Windows?, * Have 2+ years of experience in SIEM administration, security operations, or a related field.

• Have hands-on experience with at least one SIEM platform such as Splunk, Microsoft Sentinel, Google SecOps, Securonix, CrowdStrike NG SIEM, or Palo Alto XSIAM
• Understand log data pipelines, parsing, normalization, and troubleshooting methodologies.
• Are comfortable administering and troubleshooting Linux and Windows systems
• Have experience working with cloud platforms such as AWS, Azure, or GCP
• Can independently troubleshoot operational issues and manage competing priorities
• Communicate clearly with both technical and non-technical audiences
• Maintain strong documentation and operational discipline in a fast-paced environment
• Have scripting experience in Python, Bash, or PowerShell
• Have experience with AWS, Azure, or GCP
• Hold relevant security or cloud certifications

3.53.5 out of 5 stars Tampa, FL Hybrid work $130 an hour, Pulled from the full job description

• Paid parental leave
• Parental leave
• 401(k)
• Health insurance
• Vision insurance
• Dental insurance
• Stock options, The anticipated salary range for this role is $130,00 - $150,000 + stock options + benefits. Actual compensation may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level.

ITAR Compliance

This position will have access to customer data and as such is subject to International Traffic in Arms Regulations (ITAR). Upon application, candidates will be asked to confirm that they are a U.S. Person as defined by the following:

• A citizen of the U.S.;
• A lawful permanent resident of the United States;
• A person admitted to the United States as a refugee; or
• A person that has been granted asylum by the United States government.

The intent of this requirement is not to verify employment eligibility overall, but to ensure compliance with import/export regulations. If you do not meet these requirements, we encourage you to apply for other open roles at Deepwatch. This information will be verified upon offer of employment.

What We Offer:

Deepwatch is excited to provide benefits designed to support team members and their families. Including:

• Medical, dental, vision, and disability insurance
• Flexible Time Off (FTO), 12 company holidays, sick leave and 8-Weeks Paid Parental Leave
• Unique professional development benefits with Annual "development dollars" to support our people growth and development
• Wellness contests and monthly educational programs
• 401(K) retirement program
• Learn more here: Deepwatch Benefits

We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates, so please don't hesitate to apply - we'd love to hear from you. Please review our DEI Statement here. Deepwatch welcomes and encourages applications from people with disabilities and accommodations are available on request for candidates taking part in all aspects of the selection process. Please inform your recruiter or contact recruiting@deepwatch.com for further information. All Deepwatch employees are expected to:

• Be interested in and able to work remotely from a home office when not at a corporate office
• Pass a pre-employment background check in accordance with applicable laws

Come join Deepwatch's team of world-class cybersecurity professionals and the brightest minds in the industry. If you're ready to challenge yourself with work that matters, then this is the place for you. We're redefining cybersecurity as one of the fastest growing companies in the U.S. - and we have a blast doing it!, Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch's cloud-based security operations platform, Deepwatch provides the industry's fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business. Our core values drive everything we do at Deepwatch, including our approach to tackling tough cyber challenges. We seek out tenacious individuals who are passionate about solving complex problems and protecting our customers. At Deepwatch, every decision, process, and hire is made with a focus on improving our cybersecurity solutions and delivering an exceptional experience for our customers. By embracing our values, we create a culture of excellence that is dedicated to empowering our team members to explore their potential, expand their skill sets, and achieve their career aspirations, which is supported by our unique annual professional development benefit. Deepwatch recognition includes: * 2025, 2024, 2023, 2022 and 2021 Great Place to Work® Certified * 2024 Military Times Best for Vets Employers * 2024 US Department of Labor Hire Vets Gold Award * 2024 Forbes' America's Best Startup Employers * 2024 Cyber Defense Magazine, Global Infosec Awards * 2023 and 2022 Fortress Cybersecurity Award * 2023 $180M Series C investment from Springcoast Capital Partners, Splunk Ventures, and Vista Credit Partners of Vista Equity Partners * 2022 Cybersecurity Excellence Award for MDR