Senior SIEM Engineer

Senior SIEM Engineer
Lisboa
Lisboa, Lisboa, Portugal

Join our team at **AMGEN Capability Center Portugal**, number 1 company in Best Workplaces
TM https://www.greatplacetowork. pt/ ranking in Portugal (category 201-500 employees) by the Great Place to Work Institute. We have a team of over 300 talented people and more than 35 different nationalities, diverse areas of expertise and professional experience that are shaping the future of healthcare. This is your chance to explore a world of opportunities in different areas such as Cybersecurity, Data & Analytics, Digital, Technology and Innovation, Finance, General & Admin, Human Resources, Regulatory Affairs and many more. In Lisbon's city center, our AMGEN office fosters innovation, excellence, and inspiration. Come thrive with us at AMGEN, supporting our mission To Serve Patients. What we do at AMGEN matters in people’s lives. As a **SIEM Engineer** you will play vital role, you will serve as a **technical leader and subject matter expert** driving AMGEN’s global security monitoring and detection strategy. You will architect, enhance, and optimize SIEM and UEBA platforms to deliver advanced, scalable, and automated detection capabilities across hybrid and cloud environments. You will collaborate closely with
- functional teams to embed monitoring and detection into the enterprise technology ecosystem, ensuring comprehensive visibility and rapid threat response. **Let’s do this. Let’s change the world. In this vital role you will:** * Lead the design, deployment, and continuous improvement of AMGEN’s **SIEM and UEBA platforms**, ensuring reliable and
- performing monitoring capabilities. * **Develop and implement log collection and correlation strategies** across
- premises, hybrid, and
- cloud environments to ensure complete visibility. * Develop, maintain, and optimize **custom correlation rules and dashboards** to identify advanced threats and reduce false positives. * Provide **technical leadership and mentorship** to junior engineers, guiding troubleshooting, automation, and best practices adoption. * Partner with **SOC, Threat Intelligence, and Incident Response teams** to design and implement advanced detection analytics. * Evaluate and integrate **new log sources**, ensuring scalability and compliance with AMGEN’s security architecture. * Automate recurring tasks using **scripting and orchestration** (e. g. , Python, Power
Shell, Bash, REST APIs). * Lead **incident investigation and forensic data enrichment**, leveraging SIEM data to support rapid containment and remediation. * Collaborate with infrastructure and application teams to enhance logging, monitoring, and compliance with security standards. * Manage and track **vendor relationships, platform health, upgrades, and audits** for SIEM-related controls and processes. * Contribute to AMGEN's **security monitoring roadmap**, identifying opportunities for innovation and maturity improvements. * Master’s degree with 3 years of experience in Information Systems or related field OR* Bachelor’s degree with 5 years of experience Information Systems or related field OR* Diploma with 7 years of experience in Information Systems or related field* Proven expertise in **Security Information and Event Management (SIEM)** and **User and Entity Behavior Analytics (UEBA)** platforms* Strong understanding of **threat detection, log management, and security analytics frameworks*** Experience designing and implementing **security architecture and automation** for monitoring and detection* In-depth knowledge of **cybersecurity frameworks** (e. g. , NIST CSF, MITRE ATT&CK, ISO 27001)* Proficiency with **SIEM platforms** (e. g. , Splunk, QRadar, Arc
Sight, Sentinel) and log collection technologies (e. g. , Cribl, Fluentd, Syslog, Universal Forwarder)* Experience designing and maintaining **cloud-native SIEM deployments** (AWS, Azure, GCP)* Strong background in **detection engineering, threat hunting, or automation/orchestration (SOAR)*** Proficiency in scripting and automation (e. g. , Python, Power
Shell, Bash)* Experience integrating **threat intelligence feeds and behavioral analytics** into detection workflows* Understanding of **Dev
Sec
Ops and CI/CD integration** for monitoring pipelines* Excellent analytical and solving skills* Strong verbal and written communication skills (English)* Ability to work effectively with global, virtual teams* High degree of initiative and
- motivation* Ability to handle multiple priorities successfully* Team oriented, with a focus on achieving team goals* Strong presentation and public speaking skills* **Work That Matters** – Build tech that accelerates scientific breakthroughs and helps patients worldwide. * **Modern Tech Stack** – Cloud-first,
- focused, AI-powered. * **Global Scale, Agile Mindset** – Collaborate across continents while working in nimble,
- impact teams. * **Continuous Learning** – Access to certifications, trainings, mentorship, and career mobility. * **AMGEN Total Rewards Plan** – Comprehensive benefits in healthcare, finance, and
- being. * **Flexibility** – Hybrid work model with time split between our Lisbon office and remote work.

#J-18808-Ljbffr