×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Security Engineer; SIEM

Job in Chicago, Cook County, Illinois, 60290, USA
Listing for: Medium
Full Time position
Listed on 2026-02-13
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly USD 100000.00 125000.00 YEAR
Job Description & How to Apply Below
Position: Security Engineer (SIEM)

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do.

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

Position Summary

We’re looking for a SIEM Engineer II to play a central role in implementing and maintaining robust security monitoring solutions—ensuring our clients stay protected against emerging cyber threats and remain compliant with industry standards. If you’re driven by a desire to innovate and thrive in a collaborative environment, come be part of a team committed to making the world a safer place.

What

You’ll Do
  • Maintain SIEM solutions (Splunk, Sentinel, ELK, Log Rhythm, Sumo Logic) in cloud environments (AWS, Azure, GCP) to support FedRAMP continuous monitoring requirements
  • Maintain and support SIEM platforms (Splunk, Sentinel, ELK, Log Rhythm, Sumo Logic) in AWS, Azure, and GCP environments to support continuous monitoring and compliance requirements
  • Manage and maintain log collection infrastructure including forwarders, collectors, and ingestion pipelines across hybrid environments
  • Support SIEM performance tuning, storage management, retention settings, and licensing optimization under established operational guidelines
  • Implement and maintain log retention and audit configurations aligned with FedRAMP and other compliance framework requirements
  • Develop, tune, and maintain detection rules, correlation searches, and alerting logic to identify security events
  • Create and maintain custom parsers and field extractions for complex or proprietary log sources
  • Reduce false positives through ongoing rule tuning, baseline analysis, and detection improvement efforts
  • Participate in peer reviews of detection rules and SIEM configuration changes
  • Monitor SIEM alerts and investigate security events to support incident response and threat hunting activities
  • Contribute to development and maintenance of detection and response playbooks and operational procedures
  • Support troubleshooting of SIEM ingestion, parsing, and performance issues
  • Work with infrastructure and application teams to onboard new log sources and improve security visibility
  • Collect and organize SIEM control evidence and artifacts for audits and 3

    PAO assessment activities
  • Ensure SIEM configurations support required controls such as audit review, log integrity, and time synchronization
  • Create and maintain SIEM architecture, detection, and operational documentation and runbooks
  • Provide technical support during client reviews and operational meetings as assigned
  • Share knowledge and provide guidance to junior team members
  • Contribute to process improvement and automation initiatives within SIEM and detection workflows
What You’ll Bring
  • 3+ years of hands‑on systems engineering and architecture experience—including requirements definition, architecture development, use‑case/story creation, and systems integration/testing.
  • 3+ years of cloud experience in architecture, design, implementation, operations, and automation (AWS, Azure, or GCP).
  • Proven expertise with SIEM platforms (Splunk, Sentinel, ELK, Log Rhythm, Sumo Logic) and enterprise antivirus (AV) solutions (Trend Micro, Crowd Strike, Microsoft Defender).
  • Understanding of AWS, Azure, or GCP platform capabilities (ideally as a Cloud Architect, Cloud Dev Ops Engineer, or Cloud Security Engineer).
  • Experience working in Agile environments with technical teams of three or more individuals.
  • Excellent communication, organizational, and problem‑solving skills, with the ability to convey complex technical information clearly.
  • Strong documentation skills for creating technical diagrams, written descriptions, and other supporting materials.
  • Demonstrated ability to work both independently and as a…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search