CHENNAI · FULLTIME
Lead Security Engineer (SIEM)

Staples
Chennai · onsite · Posted 1d ago
Sourced from
Undisclosed3–7 yrsfulltimeChennai
Your match
?
Sign in to see your match score, skill gaps & tailored resume.
Section · 01
About this role
Duties & Responsibilities
- Architect and optimize SIEM platforms (e.g., Microsoft Sentinel, Splunk), including ingestion pipelines, parsing/normalization, enrichment, and correlation logic.
- Engineer and operate Cribl Stream and Cribl Edge for log routing, filtering, transformation, enrichment, data reduction, and destination fanout (SIEM, data lake, cold storage).
- Design and maintain telemetry onboarding with schema mapping, collectors/agents, connectors, API integrations, replay, and edge collection for diverse sources (endpoint, network, cloud, identity, app).
- Develop advanced detections and analytics (rules, queries, correlations) aligned to MITRE ATT&CK, emerging TTPs, and threat intelligence; measure detection efficacy and coverage.
- Lead systematic alert tuning to reduce false positives and improve signaltonoise, leveraging Cribl pipelines and SIEM analytics to standardize high-fidelity events.
- Build investigation assets (dashboards, hunting queries, data models) that accelerate SOC workflows and rootcause analysis across telemetry domains.
- Monitor ingestion health and cost (EPS/GB/day, license utilization), implement Criblbased data controls (sampling, routing, suppression) to ensure reliability and budget adherence.
- Perform RCA on detection gaps and pipeline failures; implement durable fixes in Cribl routes/pipelines and SIEM parsing/enrichment layers.
- Mentor engineers and analysts on KQL/SPL, detection engineering patterns, Cribl pipeline design, and telemetry best practices; conduct peer reviews and standards governance.
- Maintain documentation: data dictionaries, detection catalogs, Cribl pipeline/runbooks, ingestion maps, and metrics reporting on coverage, fidelity, MTTR, and pipeline SLOs. Requirements
Basic Qualifications
- Solid understanding of network protocols, data protection mechanisms, and threat landscapes
- Hands-on experience with security systems, including firewalls, intrusion detection systems, anti-virus software, etc.
Preferred Qualifications
- Industry-recognized certifications (e.g., CISSP, CISM, CEH)
- Master’s degree in Cybersecurity or a related field
Sourced from linkedin · view original
Let the agent run this one for you.
Tailored resume, auto-apply, and referral lookup — in under 2 minutes.
Section · 02
Skills
SplunkCi/CdAnalyticsNetwork SecurityConnectorsAntivirusCloud SecurityApplication SecurityEndpoint SecuritydashboardsRoot Cause Analysisdata modelsCismsiemthreat intelligencefirewallstransformationcehdata protectionsplcisspTelemetryIntrusion Detection SystemsSentinelnetwork protocolsidentity securityDetection EngineeringparsingAPI integrationsMitre Att&CkAgentsNormalizationKQLEnrichmentantivirus softwareschema mappingCribl StreamfilteringSOC workflowsalert tuningingestion pipelinesData ReductionCollectorsCribl EdgeEdge CollectionHunting QueriesLog RoutingReplayTelemetry OnboardingCorrelation logicDestination fanoutFalse positives reduction
Section · Company
About Staples

Staples
Retail
50000-100000
employees
1986
40 years old
Mumbai, Maharashtra
India
₹15.8L PA avg
Avg at Staples
About
Staples serves as a major office supply provider and e-retailer, offering diverse solutions while emphasizing corporate responsibility and technological advancements.
Industries
Retail
Employee ratings
10 reviews
3.4/ 5
Culture
3.5
Career growth
2.8
Work-life
3.5
Employees rate it well for
Company Culture37Skill Development36
Find them on