Arηs Group – part of Accenture – is a market leader in managing complex IT projects and systems. Founded in Luxembourg in 2003, we have grown to 12 entities worldwide, employing over 2,500 people across Luxembourg, Belgium, Greece, Italy, Portugal, and Bulgaria. We focus on delivering results by providing bespoke software development, data science, infrastructure, digital trust, and mobile development to government institutions, telecom providers, and financial institutions. Our company culture emphasizes hard work and employee empowerment within a flat, agile structure that supports diversity and continuous learning.
Job Description
ARHS Group – part of Accenture – seeks a highly motivated SIEM Architect for a key client in the financial sector.
The successful candidate will lead initiatives and contribute to project success through technical expertise, strategic thinking, and effective communication.
Context
The engagement covers support and advisory services focused on SIEM technologies such as Splunk, Sentinel, and Elastic.
The project consolidates multiple legacy SIEM platforms into a single, scalable solution and requires security engineering expertise in detection engineering, data ingestion, and validation.
Role & Responsibilities
1. Assess and translate detection rules from legacy SIEMs to the target platform.
2. Support the RFP process for SIEM selection.
3. Assist migration of data sources, including validation, parsing, enrichment, and tagging.
4. Maintain or improve critical alerting and correlation use cases after migration.
5. Work with SOC and engineering teams to implement scalable log ingestion and retention policies.
6. Integrate detection rules into CI/CD pipelines for lifecycle management.
7. Implement enrichment and contextual tagging using internal and external data sources.
8. Configure federated search across the platforms involved and ensure that data remains securely stored.
9. Validate the accuracy and performance of migrated detection logic using test datasets or log replay.
10. Provide documentation, updates, and knowledge transfer to teams.
11. Offer tuning recommendations and post-migration optimization support.
12. Maintain inventory of log sources, detection rules, and integrations.
13. Develop migration plans and validate ingestion pipelines.
14. Configure enrichment and correlation settings.
15. Define tests, review results, and document detection tuning.
16. Summarize migration outcomes, validate coverage, and track gaps.
17. Document transitioned components.
Qualifications
Your profile
1. Degree in Computer Science, Cybersecurity, Data Engineering, or related field, or equivalent experience. Cybersecurity background preferred.
2. Strong analytical skills, attention to detail, and ability to collaborate across teams.
3. Excellent communication skills for technical and executive audiences.
Technical skills
1. 8–10 years in security architecture roles, with expertise in managing SIEM platforms such as Splunk, Sentinel, or Elastic.
2. Experience consolidating SIEMs in hybrid cloud and on-prem environments, including data normalization, rule migration, and pipeline optimization.
3. Deep understanding of SIEM architecture, log pipelines, data parsing, and alert development.
4. Knowledge of compliance standards such as PCI DSS, ISO 27001, HIPAA, SOC 2.
5. Understanding of threat detection, data privacy, threat modeling, and risk assessment.
6. Experience designing scalable data pipelines for security telemetry.