ZipRecruiter

Log In

1

Helper Siem Jobs (NOW HIRING)

Acronis

$113K - $155K/yr

WHAT YOU'LL DO Elastic SIEM & Platform Engineering: * Own and optimize the Elastic Security ... Map detections to MITRE ATT&CK and help drive detection coverage strategy * Track detection quality ...

Acronis

$122K - $168K/yr

WHAT YOU'LL DO Elastic SIEM & Platform Engineering: * Own and optimize the Elastic Security ... Map detections to MITRE ATT&CK and help drive detection coverage strategy * Track detection quality ...

Acronis

$110K - $151K/yr

WHAT YOU'LL DO Elastic SIEM & Platform Engineering: * Own and optimize the Elastic Security ... Map detections to MITRE ATT&CK and help drive detection coverage strategy * Track detection quality ...

Acronis

$95K - $130K/yr

WHAT YOU'LL DO Elastic SIEM & Platform Engineering: * Own and optimize the Elastic Security ... Map detections to MITRE ATT&CK and help drive detection coverage strategy * Track detection quality ...

Elite Technical

Sr. Security Analyst

Scott Air Force Base, IL · On-site

$92K - $121K/yr

Sr Security Analyst We are seeking a Security Analyst with strong Elastic SIEM experience and solid cybersecurity fundamentals who can investigate alerts, hunt threats, and help operationalize ...

ECS

Sr Security Analyst

Scott Air Force Base, IL · On-site

$92K - $121K/yr

We are seeking a Security Analyst with strong Elastic SIEM experience and solid cybersecurity fundamentals who can investigate alerts, hunt threats, and help operationalize detection capabilities ...

next page

Showing results 1-20

All JobsHelper Siem Jobs

Helper Siem information

See salary details

$10

$18

$23

How much do helper siem jobs pay per hour?

As of Jun 29, 2026, the average hourly pay for helper siem in the United States is $18.20, according to ZipRecruiter salary data. Most workers in this role earn between $14.42 and $18.27 per hour, depending on experience, location, and employer.

What are the typical responsibilities of a Helper in a Security Information and Event Management (SIEM) team?

Helpers in a SIEM team typically assist in monitoring security alerts, gathering and organizing event logs, and supporting analysts with the initial investigation of potential threats. They may also help document incidents, maintain security tools, and ensure timely escalation of critical findings to senior team members. This role requires strong attention to detail and a willingness to learn about cybersecurity practices, making it a great entry point for those interested in advancing within the field.

What is the difference between Helper Siem vs Security Analyst?

AspectHelper SiemSecurity Analyst
Required CredentialsBasic certifications, training programsAdvanced certifications like CISSP, CEH
Work EnvironmentEntry-level, support role in security teamsSenior, strategic security operations
Employer & Industry UsageIT support, cybersecurity firms, managed service providersCorporate security teams, government agencies

Helper Siem roles typically require basic certifications and involve supporting security operations, often in entry-level environments. Security Analysts have more advanced credentials and handle complex security analysis and incident response. While Helper Siem positions focus on monitoring and basic troubleshooting, Security Analysts develop strategies to prevent and respond to security threats.

What are the key skills and qualifications needed to thrive as a SIEM (Security Information and Event Management) Helper, and why are they important?

To thrive as a SIEM Helper, you need a basic understanding of cybersecurity principles, familiarity with log management, and often a foundational IT or cybersecurity certification. Experience with SIEM platforms such as Splunk, IBM QRadar, or ArcSight, as well as knowledge of scripting languages and security monitoring tools, is typically required. Strong analytical thinking, attention to detail, and effective communication are soft skills that help in identifying and escalating security incidents. These skills are vital to efficiently support security operations and ensure the timely detection and response to potential threats.

What are Helper SIEM roles?

Helper SIEM roles typically refer to entry-level or supporting positions within the field of Security Information and Event Management (SIEM). Individuals in these roles assist with monitoring, analyzing, and responding to security events using SIEM tools. They help senior analysts with routine tasks like log collection, event correlation, and generating reports, which contribute to an organization's overall cybersecurity posture. This position is ideal for those looking to start a career in cybersecurity and gain hands-on experience with security technologies.
What cities are hiring for Helper Siem jobs? Cities with the most Helper Siem job openings:
What are the most commonly searched types of Siem jobs? The most popular types of Siem jobs are:
What states have the most Helper Siem jobs? States with the most job openings for Helper Siem jobs include:
Helper Siem jobs near you

Senior Security Engineer - Elastic SIEM and Detection Engineering

Acronis

$113K - $155K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 14 days ago

Key responsibilities

  • Own and optimize the Elastic Security platform, including log ingestion, platform optimization, and SIEM workflow integration with automation tooling.

  • Build, maintain, and tune detection pipelines and high-fidelity detections using Detection-as-Code workflows, EQL, and KQL.

  • Assist with complex alert escalations, perform initial incident scoping and containment actions, and translate incident learnings into improved detections.

Job description

Acronis is a global leader in cyber protection, delivering AI-powered protection for productive MSPs in a single, natively integrated platform that unifies operations management, cybersecurity, and data protection. Driven by our mission to protect, manage and automate every workload that businesses and lives depend on, we've built the industry's only all-in-one solution.
We're looking for a Senior Security Engineer to lead our Elastic SIEM and Detection Engineering program. This is an engineering-first role focused on building scalable detection pipelines, improving telemetry quality, and developing high-confidence detections that help security teams move faster and respond more effectively.
You'll own the evolution of our Elastic Security environment - from log ingestion and platform optimization to Detection-as-Code pipelines and detection coverage strategy. This role is ideal for someone who enjoys building systems, improving signal quality, automating workflows, and solving detection engineering problems at scale.
While the primary focus is engineering, you'll also serve as a Tier 2 escalation point for complex security events, helping scope incidents, initiate containment when needed, and improve detections based on real-world activity.
This is a high-impact role with significant ownership and the opportunity to shape how detection engineering is implemented across the organization.

WHAT YOU'LL DO

Elastic SIEM & Platform Engineering:

  • Own and optimize the Elastic Security platform (Elasticsearch, Kibana, Fleet, Logstash, Elastic Agents)

  • Design and maintain ingestion pipelines for cloud, endpoint, network, and application telemetry

  • Improve telemetry quality, data retention, performance, and investigation workflows

  • Integrate SIEM workflows with SOAR and automation tooling

Detection Engineering & Detection-as-Code:

  • Build and maintain a Detection-as-Code pipeline using Git-based workflows and CI/CD automation

  • Develop, test, tune, and maintain high-fidelity detections using Elastic Security, EQL, and KQL

  • Reduce alert noise through tuning, enrichment, suppression, and exception handling

  • Map detections to MITRE ATT&CK and help drive detection coverage strategy

  • Track detection quality metrics including alert fidelity, false positive rates, and coverage gaps

Incident Response Support:

  • Assist with complex alert escalations and perform initial incident scoping

  • Execute initial containment actions when necessary (endpoint isolation, IP/domain blocking, account suspension)

  • Participate in a low-frequency on-call rotation for critical incidents

  • Translate incident learnings into improved detections and telemetry coverage

Collaboration & Automation:

  • Partner with infrastructure, DevSecOps, and cloud teams to improve logging and visibility

  • Build automation and tooling using Python and/or PowerShell

  • Support purple team exercises and adversary simulations

WHO WE'RE LOOKING FOR

  • 5+ years of cybersecurity engineering experience

  • 3+ years focused on SIEM engineering, detection engineering, or security analytics

  • Strong hands-on experience with Elastic Security and the Elastic Stack

  • Experience building or maintaining Detection-as-Code workflows using Git and CI/CD pipelines

  • Strong understanding of detection tuning, alert fidelity, and operational detection quality

  • Ability to independently investigate complex alerts and produce actionable findings

Technical Experience:

  • Elastic Security, Kibana, Fleet, Elastic Agents, EQL/KQL

  • Detection engineering and MITRE ATT&CK mapping

  • Jenkins, Bitbucket Pipelines, GitHub Actions, or similar CI/CD tooling

  • Python and/or PowerShell scripting

  • AWS CloudTrail, VPC Flow Logs, Azure Monitor, or similar telemetry sources

  • TCP/IP, DNS, HTTP/S, and common attack patterns

  • Threat intelligence enrichment and operationalization

Nice to Have:

  • SOAR playbook development and automated response workflows

  • Sigma rule development

  • Elastic detection-rules ecosystem familiarity

  • Terraform or Ansible experience

  • Previous SOC or Incident Response background

What Success Looks Like:

  • 30 Days: Validate telemetry sources and establish initial detection coverage baseline

  • 90 Days: Operational Detection-as-Code pipeline with initial custom detections deployed

  • 180 Days: Reduced alert noise, improved coverage visibility, and stabilized SIEM operations

WHO WE ARE

A Swiss company foundedin Singapore in2003, Acronis offers over twenty years of innovation with 15 offices worldwide and more than 1800 employees in 50+ countries. Acronis Cyber Protect is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses.

Our corporate culture centers on innovation, accountability, and impact. We encourage our people to think boldly, challenge conventional approaches, and take ownership of outcomes. As a member of our global "A-Team,"you'lloperatein a high-growth, fast-paced environment where resilience, adaptability, and a commitment to continuous improvement drive success.

The US pay range for this position is $123,000-$180,000. This range reflects the minimum andmaximumtotal target annual compensation for this role across all U.S. locations. The actual compensation offered at the start of employment isdeterminedbased on factors including, but not limited to, experience level, knowledge, skills, and geographic location.

In addition to competitive compensation, this role includes a comprehensive benefits package featuring medical, dental, and vision coverage, flexible spending accounts (FSA),disabilityand life insurance, a401(k) retirementplan with company match, and a generous vacation policy.

Acronis is an equalopportunityemployer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, marital status, national origin, physical or mental disability, medical condition, protectedveteran status, race, religion, sex (including pregnancy), sexual orientation, gender identity or expression, or any other characteristic protected by applicable laws, regulations and ordinances.

Apply