Security Monitoring Engineer

About the role

As a Security Monitoring Engineer at Bosal Group, you will design, build, and operate a centralized security monitoring and incident detection platform for the company's global IT environment. You will create a SIEM solution from the ground up and ensure it delivers effective detection and response across diverse systems.

Key responsibilities

• Design, implement, and operate a SIEM platform (e.g., Microsoft Sentinel or equivalent).
• Onboard and normalize logs from Palo Alto firewalls, Prisma Access, Cisco switches, wireless controllers, ISE, Catalyst Center, Windows and Linux servers, Microsoft 365, and other critical SaaS applications.
• Define, prioritize, and maintain detection use cases aligned with asset criticality and risk.
• Develop detection rules, incident response workflows, and playbooks.
• Correlate incidents with vulnerability and exposure data and support TISAX evidence requirements.
• Continuously improve detection coverage while reducing false positives.
• Ensure monitoring and incident response capabilities remain audit‑ready.

Required profile

• 4+ years of experience in security operations, SOC, or related roles.
• Proven experience building or extending SIEM platforms in heterogeneous environments.
• Strong understanding of incident response processes.
• Entrepreneurial mindset and desire to grow professionally.

Required skills

• SIEM platforms such as Microsoft Sentinel, Splunk or similar.
• Log ingestion and parsing (syslog, APIs).
• Windows and Linux logging.
• Network and firewall logging concepts, including Palo Alto firewalls and Prisma Access.
• Cisco networking devices (switches, WLCs, ISE, Catalyst Center).
• Microsoft 365 and identity services.
• Detection rule development and incident response workflow design.

What we offer

• Inspiring work environment within a global Tier 1 automotive supplier.
• Competitive remuneration package with additional benefits.