SIEM Content Engineer Role & Responsibilities

The SIEM Content Engineer role seems to be defined with quite a range of responsibilities, according to the job listings I reviewed. Here are some samples plucked from researching the term and checking out jobs:

  • Analyzing, designing, developing and delivering solutions to stop adversaries
  • Identifying threats
  • Incident response
  • Risk reviews
  • Vulnerability management
  • Event monitoring, including log management and SIEM
  • Defining how logs should be parsed
  • Writing new correlation rules
  • Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities
  • Writing custom active lists, queries, and rules
  • Care and content of SIEM platforms
  • Developing custom content based on threat intelligence
  • Ensuring SIEM technologies are integrated and utilized to protect cyber-related assets

The required qualifications varied quite a bit, with most listings asking for a technical college degree and hands-on experience with SIEM. Some were quite specific, including things like knowledge of basic networking protocols and addressing schemes, e.g., TCP/IP functions, CIDR blocks, subnets, addressing, communications, etc.

