Elastic SIEM Security Architect

OPEN TO HIRING IN AUSTIN-TX, HILLSBORO-OR, MORRISVILLE-NC

We Are:

At Synopsys, we drive the innovations that shape the way we live and connect. Our technology is central to the Era of Pervasive Intelligence, from self-driving cars to learning machines. We lead in chip design, verification, and IP integration, empowering the creation of high-performance silicon chips and software content. Join us to transform the future through continuous technological innovation.

You Are:

You are a highly skilled and driven Cyber Security Engineer, passionate about protecting enterprise environments and advancing threat detection capabilities. You thrive in dynamic settings, consistently seeking to improve both the security posture and the operational efficiency of SIEM platforms. Your expertise spans hands-on Elastic SIEM administration, log source onboarding, and the development of advanced threat detection strategies. You bring a collaborative spirit, working closely with application owners, CSIRT, and SecOps teams to align security objectives with business priorities. You possess a deep understanding of cloud and on-prem environments, and you leverage modern technologies and scripting languages to deliver scalable solutions. Your communication skills enable you to translate complex technical concepts into clear documentation and actionable insights. You value autonomy, taking initiative in driving projects forward and continuously exploring new data analytics and machine learning approaches to security challenges. Your curiosity and commitment to learning ensure you stay ahead of emerging threats, and your dedication to quality means you always deliver reliable, well-documented solutions. If you are ready to make a tangible impact on the security landscape at Synopsys, we invite you to join our team of innovators.

What You’ll Be Doing:

• Implement, administer, and maintain the SIEM platform, ensuring robust and scalable security event management.
• Collaborate with application owners to define and establish logging standards and requirements for enterprise systems.
• Onboard new log sources to the SIEM via syslog, endpoint agents, and APIs, optimizing coverage and visibility.
• Develop parsers, data enrichments, and normalization pipelines to extract actionable insights from diverse log data.
• Design and implement strategies for log data archiving and recovery, supporting compliance and forensic needs.
• Create advanced SIEM correlation rules, reports, and dashboards to detect and respond to emerging threats.
• Document SIEM platform configurations and parser developments for knowledge sharing and operational continuity.
• Partner with CSIRT and SecOps teams to tune threat detection rules, dashboards, and visualization charts for effective incident response.
• Monitor SIEM health, usage, and data growth, proactively addressing performance and scalability challenges.
• Develop data analytics and machine learning capabilities to enhance security use cases and threat detection.

The Impact You Will Have:

• Elevate Synopsys’ threat detection and response capabilities through advanced SIEM engineering.
• Ensure enterprise-wide visibility into security events, empowering rapid incident identification and resolution.
• Drive continuous improvement in log data quality and coverage, strengthening the organization’s security posture.
• Enable compliance with regulatory and audit requirements through reliable data archiving and recovery processes.
• Facilitate cross-functional collaboration in threat hunting and incident remediation efforts.
• Advance the adoption of machine learning and data science in cybersecurity operations, positioning Synopsys as an industry leader.

What You’ll Need:

• Extensive experience building and administering multi-zoned Elasticsearch clusters, including Kibana configuration and data ingestion using Elastic agents, Logstash, or Filebeat.
• Proven ability to implement and manage Elastic clusters in both on-premises and cloud infrastructures.
• Expertise in developing parsers, data enrichments, and normalization pipelines for diverse log data.
• Strong understanding of Elastic Common Schema and best practices for data modeling in SIEM environments.
• Proficiency in at least one development or scripting language (PowerShell, Python, Bash) and regular expressions for automation and data processing.
• Familiarity with cloud environments such as AWS, Azure, and GCP, and their security event integration.
• Ability to document and explain technical details in a concise, understandable manner for technical and non-technical stakeholders.

Who You Are:

• Autonomous and self-motivated, able to drive projects independently with minimal supervision.
• Collaborative, with strong interpersonal skills and the ability to partner across teams.
• Analytical and detail-oriented, with a commitment to data quality and operational excellence.
• Effective communicator, adept at explaining complex concepts to diverse audiences.
• Curious and adaptable, eager to learn new technologies and approaches in cybersecurity.
• Innovative, always looking for ways to enhance security operations through automation and data science.

The Team You’ll Be A Part Of:

You’ll join a forward-thinking Cyber Security Engineering team dedicated to building and maintaining world-class security event management infrastructure. The team’s core focus is on advancing Synopsys’ capabilities in threat detection, incident response, and security analytics. Together, you’ll collaborate with CSIRT, SecOps, and business application owners to deliver scalable solutions, drive innovation, and ensure the safety and integrity of Synopsys’ global operations.

Rewards and Benefits:

We offer a comprehensive range of health, wellness, and financial benefits to cater to your needs. Our total rewards include both monetary and non-monetary offerings. Your recruiter will provide more details about the salary range and benefits during the hiring process.

At Synopsys, we want talented people of every background to feel valued and supported to do their best work. Synopsys considers all applicants for employment without regard to race, color, religion, national origin, gender, sexual orientation, age, military veteran status, or disability.

In addition to the base salary, this role may be eligible for an annual bonus, equity, and other discretionary bonuses. Synopsys offers comprehensive health, wellness, and financial benefits as part of a competitive total rewards package. The actual compensation offered will be based on a number of job-related factors, including location, skills, experience, and education. Your recruiter can share more specific details on the total rewards package upon request. The base salary range for this role is across the U.S.