Job Overview:
We are seeking a talented and highly motivated SentinelOne AI SIEM Engineer to join our Dedicated Defense group. As a key member of our team, you will be responsible for deploying and maintaining SentinelOne’s AI SIEM to enhance threat detection, response, and overall security posture. This is an exciting opportunity for an individual with expertise in SIEM technologies, aiming to help safeguard critical systems and data from evolving cyber threats.
Responsibilities:
Integration & Optimization: Integrate and optimize SentinelOne AI SIEM to improve visibility and automate threat detection workflows.
Threat Detection: Utilize SentinelOne’s AI-powered analytics to dashboard reports and automate critical reporting functions
Automation & Playbook Development: Develop automated detection and response playbooks based on SentinelOne data feeds, streamlining incident management and reducing time to resolution.
Collaboration & Knowledge Sharing: Work closely with other security and IT teams to share threat intelligence, optimize SIEM use, and contribute to security strategy development.
Reporting & Documentation: Develop and maintain dashboards, reports, and documentation related to SentinelOne deployment,performance, and incident metrics.
Continuous Improvement: Continuously evaluate SentinelOne's capabilities and other relevant security tools to recommend improvements and refine detection capabilities.
Required Qualifications:
Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience).
5-10 years of SIEM experience in Splunk, Qradar, Microsoft, and comparable SIEMS
Hands-on experience with other SIEM platforms (Splunk, IBM QRadar, Microsoft Sentinel, etc.) and integrating them with endpoint security tools.
Strong understanding of cybersecurity principles, threat detection, and SIEM management.
Experience working with Sentinel One Core EDR technology
Proficiency in scripting and automation (Python, PowerShell, etc.).
Experience with cloud security (AWS, Azure, GCP) and cloud-native SIEM solutions is a plus.
Preferred Qualifications:
1+ year of experience working with SentinelOne AI SIEM as optional
SentinelOne certification (or equivalent industry certifications).
Knowledge of compliance frameworks (e.g., NIST, ISO 27001, GDPR, etc.) and how they apply to security operations.
Key Skills:
Technical Skills: SentinelOne platform, SIEM tools, security automation, machine learning for cybersecurity, network security.
Analytical Skills: Strong ability to analyze large datasets and correlate logs/events.
Communication Skills: Excellent verbal and written communication skills for collaborating with cross-functional teams and providing clear reporting.
Problem-Solving: Strong troubleshooting skills with the ability to resolve complex security issues quickly and effectively.
Top Skills
What We Do
Unified Security Operations, Delivered. We tear down the walls between red and blue teams & address risk exposure when it’s discovered—not weeks later. UltraViolet Cyber is a leading platform-enabled unified security operations company providing a comprehensive suite of security operations solutions.
Founded and operated by security practitioners with decades of experience, the UltraViolet Cyber security-as- code platform combines technology innovation and human expertise to make advanced real time cybersecurity accessible for all organizations by eliminating risks of separate red and blue teams. By creating continuously optimized identification, detection and resilience from today’s dynamic threat landscape, UltraViolet Cyber provides both managed and custom-tailored unified security operations solutions to the Fortune 500, Federal Government, and Commercial clients.
UltraViolet Cyber is headquartered in McLean, Virginia with global offices across the U.S. and in India.
