Come join Deepwatch’s team of world-class cybersecurity professionals and the brightest minds in the industry. If you're ready to challenge yourself with work that matters, then this is the place for you. We're redefining cybersecurity as one of the fastest growing companies in the U.S. – and we have a blast doing it!

Who We Are

Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch’s cloud-based security operations platform, Deepwatch provides the industry’s fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business. 

Our core values drive everything we do at Deepwatch, including our approach to tackling tough cyber challenges. We seek out tenacious individuals who are passionate about solving complex problems and protecting our customers. At Deepwatch, every decision, process, and hire is made with a focus on improving our cybersecurity solutions and delivering an exceptional experience for our customers. By embracing our values, we create a culture of excellence that is dedicated to empowering our team members to explore their potential, expand their skill sets, and achieve their career aspirations, which is supported by our unique annual professional development benefit.

Deepwatch recognition includes:

  • 2023, 2022 and 2021 Great Place to Work® Certified
  • 2023 and 2022 Forbes America’s Best Startup Employers
  • 2023 and 2022 Fortress Cybersecurity Award
  • 2023 $180M Series C investment from Springcoast Capital Partners, Splunk Ventures, and Vista Credit Partners of Vista Equity Partners
  • 2022 Cigna Healthy Workforce Silver Designation
  • 2022 Cybersecurity Excellence Award for MDR

SIEM Engineer II

Reporting directly to the Manager, Platform Advisory Services, the SIEM Engineer II provides support and  addresses complex challenges encountered by our customers daily. This role necessitates a solid foundation in SIEM, with a primary focus on Google SecOps, advanced proficiency in Linux systems administration, and a proven track record of using excellent soft skills to ensure positive customer interactions.  You will also act as an internal escalation point for your peers. Deepwatch is an industry leader in delivery of Cyber Resiliency.   

Candidates must display aptitude and ability to manage a multitude of virtual resources in a fast paced environment. This position is virtual / remote - working from a home office unless traveling to a corporate office or client site. 

If you want to be a part of a dynamic team that will leverage your skills to innovate and maximize customer experience, enable you to maintain a strong work life balance, and assist you in reaching your career goals within the Information Security industry, look no further - this is a great opportunity for you. 

In this role, you’ll get to:

  • Configure, manage, and maintain Google SecOps, deployments to include clustering and high availability scenarios in our customer environments
  • Monitor and manage performance of deployed Google SecOps, systems through various means
  • Secure deployed Google SecOps,systems and solutions to industry best practices
  • Perform advanced troubleshooting, upgrades, and configuration of Google SecOps,including Google SecOps,integrations and apps
  • Perform advanced troubleshooting, configuration, upgrades, and administration of Linux Operating Systems
  • Collaborate with fellow deepwatch experts to deliver superior efficiencies and enhancements to the customer via the Deepwatch Security Platform
  • Consult with customers, in all roles, including leadership, to effectively deliver security solutions, and architecture recommendations 
  • Be an escalation point for the SIEM Operations and Engineering team; focusing on excellent customer service and triaging of issues strategically in a timely manner
  • Prioritize and deliver solutions to deliverables from a wide range of engagements including:  Platform Operations and Engineering Management, cases created, and escalations for technical issues
  • Be part of the on-call rotation for critical production support outages
  • Mentor less experienced engineers, as needed
  • Participate in projects/initiatives as needed
  • Create and maintain documentation for customer environments, processes and best practices
  • Raise environmental and platform risks to management to avoid unnecessary Risk exposure
  • Keep up-to-date with information security news, techniques, and trends

To be successful in this role, you’ll need to:

  • Have SIEM Certifications (Google SecOps) and/or equivalent demonstrable advanced experience with SIEM administration
  • Have your Linux Foundation Certified System Engineer (LFCS) or Red Hat Certified Engineer (RHCE) certification and/or broad demonstrable Linux System Administration skills (e.g., CentOS, RedHat, Ubuntu, etc.) including experience with file permissions, certificates, manipulation & editing of files, system tuning, security permissions, troubleshooting, network connectivity, and automation. 
  • Demonstrate a working knowledge in at least three of the following areas: Enterprise network architecture/administration, Enterprise Network Infrastructure Engineering or administration, Cloud engineering and administration, Endpoint Engineering and Administration, Identity and Access Management, DevOps, Security Operations Center (SOC), or SIEM Architecture and Engineering
  • Be comfortable providing customer-facing operational support in cybersecurity or information technology operations
  • Communicate effectively and timely in a technical & customer facing environment
  • Demonstrate an excellent customer service mentality
  • Be self-driven and enjoy solving problems collaboratively
  • Have proficient understanding of cloud infrastructure administration (e.g., Google , AWS, Azure, GCP, etc.) 
  • Demonstrative knowledge of Docker administration
  • Demonstrable case management best practices
  • Have basic experience with:
    • Leveraging configuration management/orchestration tools such as Ansible or AWX, Puppet, Terraform or other
    • Programming/scripting tools to help automate routine tasks (e.g., Python, Bash, Powershell, etc.)
    • Version control tools (e.g., git,perforce,etc)
    • ITIL Service Management or Agile Scrum methodologies

Statutory Pay Disclosure

The anticipated salary range for this role is $130,000 to $150,000 + stock options + benefits. Actual compensation may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level.

ITAR Compliance

This position will have access to customer data and as such is subject to International Traffic in Arms Regulations (ITAR). Upon application, candidates will be asked to confirm that they are a U.S. Person as defined by the following:

  • A citizen of the U.S.;
  • A lawful permanent resident of the United States; 
  • A person admitted to the United States as a refugee; or
  • A person that has been granted asylum by the United States government.

The intent of this requirement is not to verify employment eligibility overall, but to ensure compliance with import/export regulations. If you do not meet these requirements, we encourage you to apply for other open roles at Deepwatch. This information will be verified upon offer of employment.

What We Offer:

Deepwatch is excited to provide benefits designed to support team members and their families. Including:

  • Medical, dental, vision, and disability insurance
  • Flexible Time Off (FTO), 9 company holidays, sick leave and 8-Weeks Paid Parental Leave
  • Unique professional development benefits, starting at $3,000 annually
  • Wellness contests and monthly educational programs
  • 401(K) retirement program with employer match
  • Learn more here: Deepwatch Benefits

We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates, so please don’t hesitate to apply — we’d love to hear from you.  Please review our DEI Statement here.

Deepwatch welcomes and encourages applications from people with disabilities and accommodations are available on request for candidates taking part in all aspects of the selection process. Please inform your recruiter or contact recruiting@deepwatch.com for further information.

All Deepwatch employees are expected to:

  • Be interested in and able to work remotely from a home office when not at a corporate office
  • Pass a pre-employment background and drug screen in accordance with applicable laws

Deepwatch is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, marital status, sexual orientation, gender identity, genetic information, protected veteran status, or any other characteristic protected by law.  In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.

By submitting your application, you agree that Deepwatch may collect your personal data for recruiting, global organization planning, and related purposes. The Deepwatch Privacy Policy explains what personal information we may process, where we may process your personal information, our purposes for processing your personal information, and the rights you can exercise over Deepwatch’s use of your personal information. 

Apply for this Job

* Required
resume chosen  
Dropbox
(File types: pdf, doc, docx, txt, rtf)
Cancel
cover_letter chosen  
Dropbox
(File types: pdf, doc, docx, txt, rtf)
Cancel

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Deepwatch’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Please select
Please select
Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Please select

Voluntary Self-Identification of Disability

Form CC-305
Page 1 of 1
OMB Control Number 1250-0005
Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

  • Alcohol or other substance use disorder (not currently using drugs illegally)
  • Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
  • Blind or low vision
  • Cancer (past or present)
  • Cardiovascular or heart disease
  • Celiac disease
  • Cerebral palsy
  • Deaf or serious difficulty hearing
  • Diabetes
  • Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
  • Epilepsy or other seizure disorder
  • Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
  • Intellectual or developmental disability
  • Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
  • Missing limbs or partially missing limbs
  • Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
  • Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
  • Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
  • Partial or complete paralysis (any cause)
  • Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
  • Short stature (dwarfism)
  • Traumatic brain injury
Please select

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Enter the verification code sent to to confirm you are not a robot, then submit your application.

This application was flagged as potential bot traffic. To resubmit your application, turn off any VPNs, clear the browser's cache and cookies, or try another browser. If you still can't submit it, contact our support team through the help center.