Senior Cybersecurity Engineer

About Providence

Providence, one of the US’s largest not-for-profit healthcare systems, is committed to high quality, compassionate healthcare for all. Driven by the belief that health is a human right and the vision, ‘Health for a better world’, Providence and its 121,000 caregivers strive to provide everyone access to affordable quality care and services.

Providence has a network of 51 hospitals, 1,000+ care clinics, senior services, supportive housing, and other health and educational services in the US.

Providence India is bringing to fruition the transformational shift of the healthcare ecosystem to Health 2.0. The India center will have focused efforts around healthcare technology and innovation, and play a vital role in driving digital transformation of health systems for improved patient outcomes and experiences, caregiver efficiency, and running the business of Providence at scale.


Why Us?

  • Best-in-class Benefits
  • Inclusive Leadership
  • Reimagining Healthcare
  • Competitive Pay
  • Supportive Reporting Relationships

Job Description – SIEM Senior Engineer 

Role Overview

The SIEM Senior Engineer is responsible for hands-on engineering, alert enrichment, and monitoring of security alerts using Splunk. This role focuses on building high-quality detections, enriching alerts with meaningful context, and improving SOC analyst efficiency by reducing false positives and improving signal quality. The role works closely with SOC Analysts, SIEM Leads, and Security Engineering teams.

Key Responsibilities

  • Engineer, maintain, and tune Splunk-based SIEM alerts and correlation rules.
  • Monitor security alerts to ensure accuracy, relevance, and operational readiness.
  • Continuously tune alerts to improve signal-to-noise ratio and reduce false positives.
  • Implement alert enrichment using identity, asset, vulnerability, and threat intelligence data.
  • Ensure alerts contain actionable context such as user, asset, privilege, and business impact.
  • Support Splunk log onboarding, data normalization, and CIM compliance.
  • Optimize SPL searches, dashboards, and saved searches.
  • Support L2/L3 troubleshooting for SIEM alerts and ingestion issues.
  • Develop detection use cases aligned to the MITRE ATT&CK framework.
  • Maintain SOPs, runbooks, and SIEM documentation.

Required Skills & Experience

  • 4–7 years of experience in SIEM, SOC, or Security Engineering roles.
  • Strong hands-on experience with Splunk Enterprise or Splunk ES.
  • Proven experience in SIEM alert creation, tuning, and enrichment.
  • Strong understanding of security telemetry across endpoint, network, cloud, and IAM.
  • Proficiency in SPL (Search Processing Language).
  • Understanding of SOC workflows and incident triage.
  • Familiarity with the MITRE ATT&CK framework.

Preferred Qualifications

  • Experience integrating Splunk with IAM, CMDB, vulnerability, and threat intelligence tools.
  • Exposure to SOAR platforms and automated response workflows.
  • Scripting experience using Python or PowerShell.
  • Experience working in regulated environments such as healthcare or financial services.
  • Relevant Splunk or security certifications.

Providence’s vision to create ‘Health for a Better World’ helps us provide a fair and equitable workplace for all in our employment, whether temporary, part-time or full-time, promote individuality and diversity of thought and background, and acknowledge its role in the organization’s success. This makes us committed to equal employment opportunities, regardless of race, religion or belief, color, ancestry, disability, marital status, gender, sexual orientation, age, nationality, ethnic origin, pregnancy or related needs, mental or sensory disability, HIV status, or any other category protected by applicable law. In furtherance of our mission of building a more inclusive and equitable environment, we shall, from time to time, undertake programs to assist, uplift and empower underrepresented groups including but not limited to Women, PWD (Persons with Disabilities), LGTBQ+ (Lesbian, Gay, Transgender, Bisexual or Queer), Veterans and others. We strive to address all forms of discrimination or harassment and provide a safe and confidential process to report any misconduct.

Contact our Integrity hotline. Also, read our Code of Conduct.