Cloud Security Engineer (SIEM / Elastic / AWS)

About the Company

Join a global technology organization driving secure and intelligent cloud solutions for enterprise customers. The team focuses on building modern security observability and threat detection platforms to protect critical business environments across cloud and microservices architectures.

Role Summary

We are looking for a Cloud Security Engineer specializing in security observability, SIEM engineering, and AWS cloud security monitoring. You will design and maintain security telemetry pipelines, develop detection analytics, and support threat monitoring across cloud and container environments.

• Design and maintain security observability platforms using Elastic Stack (Elasticsearch, Logstash, Kibana, Beats) and AWS security services.
• Build scalable log ingestion and telemetry pipelines across cloud workloads, microservices, containers, and endpoints.
• Develop detection rules, dashboards, and security visualizations.
• Integrate security findings from AWS services such as CloudTrail, CloudWatch, GuardDuty, Security Hub, Macie, and Inspector.
• Implement log normalization, enrichment, tagging, and correlation logic.
• Support threat hunting, security monitoring, and incident investigation.
• Automate observability and security workflows using scripting and infrastructure-as-code tools.
• Participate in on-call support for critical security events.
• Define logging and telemetry standards aligned with security governance frameworks.

• Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or related field.
• 3–7 years of experience in cloud security, SIEM engineering, or security observability.
• Strong hands-on experience with:
• Elastic Stack (Elastic Search, Logstash, Kibana, Beats, Elastic Agents)
• AWS security and monitoring services
• Log ingestion pipeline development
• Security telemetry and detection engineering
• Proficiency in scripting languages such as Python, Bash, or PowerShell.
• Knowledge of OpenTelemetry, container observability, or Kubernetes log monitoring is a plus.
• Familiarity with SOAR platforms or security automation is advantageous.
• Strong analytical, troubleshooting, and communication skills.

EA Personnel No: R1105313