IT Security SIEM Engineer

Oz Solutions Group Inc.
New York, United States of America
3 days ago

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
$ 83K

Job location

Remote
New York, United States of America

Tech stack

Antivirus Softwares
Systems Engineering
Bash
Cloud Computing
CompTIA Security+
Computer Security
Databases
Intrusion Detection and Prevention
Intrusion Detection Systems
Python
Network Security
Powershell
Security Information and Event Management
Software Vulnerability Management
Data Logging
Scripting (Bash/Python/Go/Ruby)
Data Ingestion
Splunk

Job description

As an IT Security SIEM Engineer (Security Operations Consultant), you will support a highly visible cybersecurity program for a large-scale public sector organization, contributing across the full system engineering lifecycle - requirements analysis, design, development, implementation, integration, testing, and documentation. This role supports both strategic initiatives and day-to-day security operations in a hybrid environment, with a primary focus on SIEM engineering (Splunk), security monitoring, automation and scripting, endpoint protection, and overall operational security, working in coordination with the citywide Security Operations Center (SOC)., * Provide engineering and administration support for the organization's Splunk environment (cloud and/or hybrid), including search heads, indexers, deployers, deployment servers, and heavy/universal forwarders

  • Onboard and normalize new log sources across application, database, network, cloud, and endpoint
  • Develop and maintain complex Splunk queries, dashboards, reports, and alerts for both technical and executive audiences
  • Analyze log data for anomalies, suspicious trends, and potential security incidents; support log correlation and threat detection use cases aligned with SOC requirements
  • Tune alerts to reduce false positives and improve detection efficiency
  • Support day-to-day security monitoring, triage, and analysis of alerts and incidents in coordination with the SOC and internal teams
  • Support incident investigations using logs, endpoint data, and network telemetry, and contribute to incident response documentation and playbooks
  • Develop and maintain automation scripts (PowerShell, Python, Bash) to automate repetitive security tasks such as log ingestion validation, reporting, and compliance checks
  • Assist in monitoring and managing endpoint security tools (EDR, antivirus, host-based monitoring), endpoint hardening, and security configuration validation
  • Support vulnerability remediation coordination, patch validation, and compliance reporting
  • Review system and infrastructure logs, support firewall and network security log monitoring, and assist with user access reviews and audit support
  • Contribute to POAM tracking, remediation validation, and audit evidence preparation

Requirements

  • Strong hands-on experience with Splunk Enterprise and/or Splunk Cloud
  • Experience onboarding log sources and building detection logic
  • Knowledge of enterprise logging across application, web, database, security, and endpoint
  • Experience with scripting languages (PowerShell, Python, Bash)
  • Familiarity with endpoint detection and response (EDR) tools
  • Knowledge of incident response procedures
  • Understanding of log correlation and threat detection techniques
  • Experience with IDS/IPS and host-based security tools
  • Strong analytical and problem-solving skills
  • Ability to work independently and manage assigned tasks
  • Strong verbal and written communication skills

Preferred Certifications:

  • Splunk Enterprise Certified Admin / Architect
  • CISSP, CEH, GCIH, Security+, or equivalent

Benefits & conditions

$30 - $40 an hour - Contract, * Hourly rate (competitive, commensurate with experience)

About the company

OZ Solutions Group is a technology services company providing IT support and solutions to government and public sector clients across New York City. We are currently seeking one (1) IT Security SIEM Engineer to join our team on a client engagement in Lower Manhattan.

Apply for this position