Status: Open

SIEM Architect

Full-time | Hybrid | Security

Overview

As a SIEM Architect at AvionPure, you will design and lead enterprise-grade SIEM implementations for our clients using Splunk Enterprise Security and Microsoft Sentinel. You will be the technical authority on threat detection, correlation, and SOC tooling strategy — helping clients build mature, scalable security operations.

Responsibilities

  • Architect and implement Splunk ES and Azure Sentinel deployments for enterprise clients
  • Develop and tune correlation rules, detection logic, and alert workflows
  • Design threat intelligence integrations and enrichment pipelines
  • Lead SOC tooling strategy including SOAR integration and playbook automation
  • Perform SIEM health checks, data onboarding, and field normalization (CIM/OCSF)
  • Mentor junior analysts and provide technical leadership within the SOC
  • Produce architecture documentation, runbooks, and client-facing reports

Requirements

  • 5+ years of experience in security operations or SIEM engineering
  • Deep hands-on experience with Splunk Enterprise Security (ES)
  • Experience with Microsoft Sentinel (KQL, Workbooks, Logic Apps)
  • Strong knowledge of threat detection methodologies (MITRE ATT&CK)
  • Familiarity with SOAR platforms (Splunk SOAR, Sentinel Playbooks)
  • Splunk Certified Architect or equivalent preferred
  • Excellent client-facing communication and documentation skills

Skills

  • Splunk ES
  • Azure Sentinel
  • KQL
  • SPL
  • MITRE ATT&CK
  • SOAR
  • SOC

Ready to join AvionPure?

Submit your application and we'll get back to you within 3 business days.
