SIEM Administrator Google

Description

We are seeking an expert SIEM Administrator to manage and optimize our Google Chronicle and Google Cloud Security platforms. In this critical role, you will be responsible for the end-to-end administration of our security information and event management system, ensuring comprehensive visibility across cloud and on-premises infrastructure. Your primary focus will be on advanced detection engineering using YARA-L, managing log ingestion pipelines, and automating incident response workflows. You will collaborate with the SOC and Threat Intelligence teams to create high-fidelity detection rules mapped to the MITRE ATT&CK framework. Additionally, you will use BigQuery and Looker Studio to build security analytics and compliance reports. This position requires a proactive, detail-oriented professional with deep expertise in Google Cloud native security services and a passion for building robust, automated security operations.

Requirements

1. 7–8 years of professional experience in SIEM operations with a strong focus on cloud security environments.

2. Expert-level, hands-on experience with the administration and maintenance of Google Chronicle SIEM and Google Cloud Security Command Center (SCC).

3. Proficiency in creating and tuning custom detection rules using YARA-L.

4. Advanced skills in BigQuery SQL for security data analysis, threat hunting, and reporting.

5. Demonstrable experience in automation using Python/Bash, Google Cloud Functions, and Chronicle Playbooks.

6. In-depth knowledge of Google Cloud services including IAM, VPC Flow Logs, Cloud Audit Logs, and Pub/Sub.

7. Proven experience managing log ingestion pipelines from multi-cloud (GCP, AWS, Azure) and on-premises sources.

8. Must hold the 'Google Cloud Certified – Professional Cloud Security Engineer' certification.

Desirable

1. Chronicle Certified Analyst / Administrator certification.

2. Professional security certifications such as GCIH, CISM, or CISSP.

3. Experience with data visualization tools like Looker Studio.

4. Strong understanding of compliance frameworks such as ISO 27001, QCB, and NIA.

5. Experience integrating SIEM with SOAR and EDR platforms.

Role Highlights

📍 Location

Doha

💼 Work Location Type

Onsite

📈 Job Level

Senior

Getting Started

A few quick details so we know how to reach you

How did you hear about us? *

Which country's passport do you hold? *

Email * (Please ensure the email matches the one mentioned in your CV or resume)

LinkedIn Profile URL *

Please mention your notice period *

Let's Get to Know You Better

A few short questions to understand your experience and what you enjoy doing

1. Do you possess a current 'Google Cloud Certified – Professional Cloud Security Engineer' certification? *

2. Do you have 7 or more years of experience in SIEM operations? *

3. Do you have hands-on administrative experience with both Google Chronicle SIEM and Google Cloud Security Command Center? *

4. Are you proficient in writing and tuning custom YARA-L detection rules? *

5. Do you have experience using BigQuery SQL for security analysis and threat hunting? *

6. Have you used Google Cloud Functions or Chronicle Playbooks to automate incident response actions? *

Final Details

Salary expectations and any supporting credentials

1. Where does your salary sit today (so we can help it move up tomorrow)? *

Enter your monthly salary in your local currency

2. What's the number that'll make you say "this is worth it"? *

Per month, in the currency mentioned

Upload Resume

Help us get to know you better by sharing your most recent resume