Senior SIEM Engineer

Amgen

Lisbon, Portugal

WHAT YOU WILL DO

As a Senior SIEM Engineer at Amgen, you will have a key role in shaping the future of our global security landscape. You’ll act as a technical leader and subject matter expert, driving our strategy for security monitoring and advanced threat detection. Your work will directly strengthen Amgen’s ability to protect patients, science, and innovation worldwide.

In this role, you’ll design and enhance modern SIEM and UEBA platforms, building scalable and automated detection capabilities across hybrid and cloud environments. You’ll partner closely with cross‑functional teams - SOC, Threat Intelligence, Incident Response, infrastructure, and applications - to embed smart, efficient, and high‑visibility monitoring across the entire organization.

Let’s do this. Let’s change the world.

In this vital role you will:

Lead the architecture, deployment, and continuous improvement of AMGEN’s SIEM and UEBA platforms.
Build robust log collection and correlation strategies across on‑prem, hybrid, and multi‑cloud environments to ensure full visibility.
Develop and optimize custom detection rules, dashboards, and analytics to identify advanced threats and minimize false positives.
Guide and mentor junior engineers, promoting automation, best practices, and high‑quality engineering standards.
Partner with SOC, Threat Intelligence, and Incident Response teams to design advanced detection analytics and improve response capabilities.
Integrate new log sources and ensure scalability in alignment with Amgen’s security architecture.
Automate repetitive workflows using scripting (Python, PowerShell, Bash, REST APIs).
Support incident investigations using SIEM data to accelerate containment and remediation.
Collaborate with infrastructure and application teams to strengthen logging, monitoring, and compliance.
Manage vendor relationships, platform health, upgrades, audits, and SIEM lifecycle processes.
Contribute to Amgen’s long‑term security monitoring strategy and innovation pipeline.

WHAT WE EXPECT OF YOU

We welcome people who bring unique strengths, backgrounds, and perspectives. The ideal candidate is a strong technical leader with a passion for cybersecurity, analytics, and driving continuous improvement in global-scale environments.

A solid educational background in IT or a related field (Master’s, Bachelor’s with relevant experience).
Hands‑on experience working with SIEM and UEBA platforms.
Strong understanding of threat detection, log management, and modern security analytics.
Experience designing or improving security monitoring and automation solutions.
Familiarity with well‑known cybersecurity frameworks like NIST CSF, MITRE ATT&CK, or ISO 27001.
Practical experience with leading SIEM tools (e.g., Splunk, QRadar, ArcSight, Sentinel) and log pipelines.
Exposure to cloud environments (AWS, Azure, GCP), threat hunting, or SOAR automation.
Ability to script in Python, PowerShell, or Bash to simplify and improve workflows.
Professional security certifications (e.g., GCDA, GCIH, GCIA, CISSP, CISM, Security+, cloud certs) are a strong plus.
Strong communication, teamwork, problem‑solving, and the ability to work effectively in global teams.