Sr. Cyber Security SIEM Engineer

We Are:

At Synopsys, we drive the innovations that shape the way we live and connect. Our technology is central to the Era of Pervasive Intelligence, from self-driving cars to learning machines. We lead in chip design, verification, and IP integration, empowering the creation of high-performance silicon chips and software content. Join us to transform the future through continuous technological innovation.

You Are:

An ideal candidate for the Sr. SIEM Engineer role at Synopsys is someone who has a strong background in cybersecurity, particularly in Security Information and Event Management (SIEM) systems. You are detail-oriented, analytical, and possess a deep understanding of security protocols and incident response. You are adept at identifying potential security threats and developing strategies to mitigate them. You thrive in a collaborative environment and are capable of communicating complex technical concepts to non-technical stakeholders. You are proactive, always staying ahead of emerging security threats and continuously improving security measures within the organization. Your passion for cybersecurity drives you to stay updated with the latest industry trends and advancements.

What You'll Be Doing:

• Responsible for the implementation, administration, and maintenance of the SIEM platform.
• Collaborate with application owners to define and establish logging standards and requirements.
• Onboard new log sources to the SIEM via syslog, endpoint agents, and APIs.
• Develop parsers, data enrichments, and normalization pipelines for the log data.
• Design and implement archiving and data recovery strategy for log data.
• Develop advanced SIEM correlation rules, reports, and dashboards to detect emerging threats.
• Create and maintain documentation related to the SIEM platform and the various parsers developed.
• Collaborate with CSIRT and SecOps teams to develop/tune threat detection rules, dashboards, and visualization charts.
• Ensure data quality and identify any gaps in the security event collection.
• Participate in the overall ongoing development of the SIEM and implement new features/enrichments in the SIEM.
• Monitor SIEM health, monitor usage, and data growth.
• Develop data analytics and machine learning capabilities for security use cases.

The Impact You Will Have:

• Enhancing the overall security posture of Synopsys by proactively identifying and mitigating security threats.
• Improving incident response times and minimizing the impact of security incidents.
• Contributing to the development of robust security policies and procedures.
• Supporting the continuous improvement of security monitoring and detection capabilities.
• Ensuring compliance with industry standards and regulatory requirements.
• Fostering a culture of security awareness and best practices within the organization.

What You'll Need:

• Considerable experience building multi-zoned Elasticsearch clusters from scratch, configuring Kibana, and utilizing Elastic agents, Logstash, or Filebeat to ingest data into the cluster.
• Experience with implementing and managing on-prem and cloud Elastic SIEM Infrastructure.
• Experience with developing parsers, data enrichments, and normalization pipelines.
• Strong understanding of Elastic Common Schema.
• Practical experience with at least one development or scripting language/framework (e.g., PowerShell, Python, Bash) and regular expressions.
• Familiarity with various cloud environments (AWS, Azure, GCP).
• Ability to document and explain technical details in a concise, understandable manner.
• High tolerance for autonomy.

Who You Are:

• Analytical and detail-oriented, with a strong problem-solving mindset.
• Excellent communicator, able to convey technical concepts to diverse audiences.
• Proactive and self-motivated, with a passion for continuous learning and improvement.
• Collaborative team player, capable of working effectively in cross-functional teams.
• Adaptable and resilient, able to thrive in a fast-paced and dynamic environment.

The Team You'll Be A Part Of:

You will be part of the IT Security team, responsible for the planning, design, and build of security architectures. Our team oversees the implementation of network and computer security, ensuring the protection of Synopsys' information assets. We work collaboratively to address security challenges and continuously enhance our security measures to stay ahead of emerging threats.