SIEM security engineer

Montreal, Canada

Alter Solutions

Looking for an IT partner? We're an IT consulting company with expertise in Nearshore software development and Cybersecurity. Offices in 13 countries


Company Description

ALTER SOLUTIONS is a consulting and technology expertise company founded in 2006. Our mission is to support our clients with their technical and organizational cybersecurity challenges. Our services are structured around the following areas of expertise:

  • Security Management
  • Architecture and Integration
  • Audit and Penetration Testing
  • Cyber Defense

We are an international group established in over ten countries, with a team of 950 employees.

Our success is driven by the development and fulfillment of each team member, and we place great importance on providing the best possible working conditions:

  • Remote work available for a majority of our projects
  • A Flex Office work environment available to everyone at all times to promote communication and collaboration
  • Expert communities to share and disseminate skills within the group
  • Close project management and HR support
  • Annual training and certification opportunities
  • Recognition of our consultants' expertise development
  • Strong openness to short-term or long-term international mobility

Job Description

As a SIEM Security Engineer / Architect, you will play a key role in the design, implementation, and evolution of security monitoring solutions. You will be responsible for the architecture, deployment, and maintenance of SIEM technologies, with a strong focus on the Elastic Stack (Logstash, Elasticsearch, Kibana).

Your main responsibilities will include:

  • Designing, deploying, documenting, and improving SIEM solutions;
  • Maintaining stability and ensuring long-term operability of the SIEM environment;
  • Developing and managing log collection, normalization, and correlation processes;
  • Using automation tools (Ansible, Python scripting, etc.) to streamline deployment and operations;
  • Collaborating with infrastructure, security, and architecture teams to ensure seamless integration of monitoring capabilities;
  • Participating in internal and external audits;
  • Interfacing with internal/external auditors and regulators, providing clear, well-documented technical responses regarding monitoring, logging, and control measures in place;
  • Writing and maintaining technical documentation (architecture, procedures, standards);
  • Contributing to continuous improvement initiatives in operational security.

Qualifications

  • Minimum 10 years of IT experience, including at least 5 years in cybersecurity with proven SIEM expertise;
  • In-depth experience in the architecture, deployment, and operation of Elastic Stack (Logstash, Elasticsearch, Kibana);
  • Strong knowledge of log ingestion, normalization, and processing pipelines;
  • Hands-on experience with automation tools such as Ansible and scripting (Python or equivalent);
  • Demonstrated ability to work with internal and external auditors and regulatory bodies, and to produce clear compliance-related documentation;
  • Solid understanding of security monitoring compliance requirements;
  • CISA (Certified Information Systems Auditor) certification is strongly desired;
  • Strong analytical skills, attention to detail, and ability to communicate clearly and effectively;
  • Fluency in English is mandatory (written and spoken).


Tags: Ansible Audits Automation CISA Compliance Cyber defense Elasticsearch Monitoring Pentesting Python Scripting SIEM

Region: North America
Country: Canada
