Cybersecurity/Security Data Platform ARCHITECT (SIEM) – Remote

Role: Senior SIEM Architect with cloud-native AI/ML

Remote in USA (candidates to work with the India team (time zone))

Duration: 6 – 12 months

 

Please set the expectation with the candidate that they will be working closely with the India-based development team. As a result, they will be required to maintain approximately 3–4 hours of overlap with the India team each day to support effective collaboration and communication.

 

Role Summary

We are seeking a Senior SIEM Architect to design and build a cloud-native AI/ML observability platform.

You will build a production-grade SIEM collector pipeline that ingests, normalises, and analyses multi-cloud telemetry to enable real-time detection, analytics, and governance.

 

Required Qualifications

• Expert in SIEM, multitenant distributed SAAS applications, Java microservices.
• Strong Experience with leading SIEM platforms (e.g., Splunk, Sentinel, Elastic, Chronicle)
• Strong background in large-scale log processing
• Hands-on experience with OpenTelemetry (OTel Collector, OTTL)
• Strong streaming/data pipeline expertise (Kafka + Kinesis/Event Hub/PubSub; Flink/Kafka Streams; Data warehousing and analytics technologies)
• Working knowledge of ML-based anomaly detection and behavioural analytics is a plus.
• Experience with Kubernetes and Infrastructure as Code 

 

Key Responsibilities

• Architect and implement multi-tenant SIEM Collector pipelines services (receivers, processors, exporters) across AWS, Azure, and GCP and other feeds.
• Build multi-source ingestion from CloudTrail, Azure Monitor, GCP Audit Logs, Splunk, Sentinel, and API logs
• Normalise telemetry to OTel semantic conventions.
• Design and implement: Detection engines (rules + ML anomaly detection)
• Behavioural analytics (entity/data flow modelling)
• Develop analytics for: Usage patterns, risk scoring, and data flow insights
• Enable real-time alerting, severity classification, and audit logging (immutable storage)
• Implement DLQ, and replay pipelines
• Partner with other engineers, product managers and engineering stakeholders to deliver implementation.

 

 

Regards,

Vineet Sharma

Sr Associate – Talent Acquisition

KAnand Corporation

LinkedIn: https://www.linkedin.com/in/vineetshr/

Email: vineet.s@kanandcorp.com