Company hidden
1 day ago

SIEM Engineer (Cybersecurity)

Work format: onsite
Employment type: fulltime
Grade: senior
English: c1
Country: Serbia, Poland, Spain, Armenia, Portugal, Bulgaria
Relocation: Serbia, Poland, Spain, Armenia, Portugal, Bulgaria
Vacancy from Hirify RU Global, a list of companies with Eastern European roots

Job description

TL;DR

SIEM Engineer (Cybersecurity): Designing, implementing, and maintaining the organization's SIEM platform to ensure continuous, reliable, and scalable security monitoring with an accent on log source integrations across diverse environments, correlation rule development, and alerting workflows. Focus on continuously optimizing SIEM performance, data ingestion efficiency, and collaborating with Security Operations and Incident Response teams to improve detection coverage.

Location: This is an on-site position at one of our offices in: Belgrade (Serbia), Lisbon (Portugal), Sofia (Bulgaria), Valencia (Spain), Warsaw (Poland), or Yerevan (Armenia). Remote or hybrid work is not available. Candidates must either already be in one of these locations or be willing to relocate, with relocation support provided if necessary.

Company

hirify.global is a global company creating end-to-end tech products for clients across Fintech, iGaming, and Marketing.

What you will do

  • Design, implement, and maintain the SIEM platform for continuous security monitoring.
  • Develop and manage log source integrations across on-premise, cloud, and hybrid environments.
  • Build, fine-tune, and maintain correlation rules, detection logic, and alerting workflows.
  • Create and maintain dashboards, reports, and visualizations for SOC operations and threat hunting.
  • Continuously optimize SIEM performance and data ingestion efficiency.
  • Collaborate with Security Operations, Incident Response, and Threat Intelligence teams.

Requirements

  • 3+ years of experience working with SIEM platforms (e.g., Splunk, ELK, QRadar, or similar).
  • 9+ months of experience working with ELK SIEM (Elasticsearch, Logstash, Kibana, and Beats).
  • Strong understanding of log management, event correlation, and alerting principles.
  • Proficiency in developing and tuning detection rules, dashboards, and reports.
  • Experience with scripting (Python, PowerShell, or similar) for automation and data enrichment.
  • Fluency in English (written and spoken).

Nice to have

  • Experience with SOAR platforms or EDR.
  • Experience with cloud environments (AWS, Azure, GCP) and related log sources.
  • Familiarity with vulnerability management and exposure reduction processes.
  • Knowledge of regulatory and compliance requirements (GDPR, ISO 27001, SOC 2, etc.).

Culture & Benefits

  • Career growth opportunities in an international and dynamic environment.
  • Opportunity to develop language skills with partial compensation for language courses.
  • Special gifts for birthdays, weddings, and newborns.
  • 20 working days of paid annual vacation, plus paid sick leaves.
  • Comprehensive medical insurance for you and your partner.
  • Comfortable office with great facilities and exciting corporate events.

Be careful: if an employer asks you to log in to their system using iCloud/Google, to send a code or password, or to run code or software, do not do it; these are scammers. Be sure to click "Report" or write to support.

The vacancy text is reproduced without changes
