Apply now »

Lead Security Engineering

About Providence

Providence, one of the US’s largest not-for-profit healthcare systems, is committed to high quality, compassionate healthcare for all. Driven by the belief that health is a human right and the vision, ‘Health for a better world’, Providence and its 121,000 caregivers strive to provide everyone access to affordable quality care and services.

Providence has a network of 51 hospitals, 1,000+ care clinics, senior services, supportive housing, and other health and educational services in the US.

Providence India is bringing to fruition the transformational shift of the healthcare ecosystem to Health 2.0. The India center will have focused efforts around healthcare technology and innovation, and play a vital role in driving digital transformation of health systems for improved patient outcomes and experiences, caregiver efficiency, and running the business of Providence at scale.

Why Us?

Best In-class Benefits
Inclusive Leadership
Reimagining Healthcare
Competitive Pay
Supportive Reporting Relation

Role Summary

The SIEM Engineer will implement and maintain SIEM platforms that enable effective security monitoring, threat detection, and incident response across the enterprise. This role focuses on capabilities like log onboarding, detection engineering, performance optimization, and use‑case lifecycle management—working closely with SOC, Incident Response, and Security Engineering teams.

Key Responsibilities

Configure, and maintain enterprise SIEM platforms (e.g., Microsoft Sentinel, Splunk, QRadar, Elastic).
Implement log ingestion pipelines from cloud, on-Prem, network, endpoint, and identity sources.
Develop, tune, and optimize detection rules, correlation logic, and analytics to reduce false positives and improve signal quality.
Knowledge on building and maintaining SIEM data models, parsing logic, and normalization standards.
Partner with SOC analysts to translate threat scenarios into actionable SIEM use cases.
Support SIEM performance and cost optimization initiatives.
Integrate SIEM with SOAR, threat intelligence feeds, and security tooling ecosystem.
Maintain documentation, runbooks, and engineering standards for SIEM operations.

Required Qualifications

5–8 years of experience in SIEM engineering or security monitoring roles.
Strong hands‑on experience with at least one enterprise SIEM platform.
Experience onboarding and parsing logs from cloud platforms (Azure/AWS/GCP), firewalls, EDR, IAM, and network devices.
Knowledge of MITRE ATT&CK and detection engineering principles.
Proficiency in KQL, SPL, or equivalent SIEM query languages.
Scripting experience (Python, PowerShell, or similar).

Preferred Qualifications

Experience integrating SIEM with SOAR platforms.
Exposure to compliance‑driven monitoring (ISO 27001, NIST, HIPAA, PCI).
Cloud‑native security monitoring experience.

Providence’s vision to create ‘Health for a Better World’ aids us to provide a fair and equitable workplace for all in our employment, whether temporary, part-time or full time, and to promote individuality and diversity of thought and background, and acknowledge its role in the organization’s success. This makes us committed towards equal employment opportunities, regardless of race, religion or belief, color, ancestry, disability, marital status, gender, sexual orientation, age, nationality, ethnic origin, pregnancy, or related needs, mental or sensory disability, HIV Status, or any other category protected by applicable law. In furtherance to our mission in building a more inclusive and equitable environment, we shall, from time to time, undertake programs to assist, uplift and empower underrepresented groups including but not limited to Women, PWD (Persons with Disabilities), LGTBQ+ (Lesbian, Gay, Transgender, Bisexual or Queer), Veterans and others. We strive to address all forms of discrimination or harassment and provide a safe and confidential process to report any misconduct.

Contact our Integrity hotline also, read our Code of Conduct.

Apply now »