Cyber Defense Engineer - SIEM

Posted 3 Days Ago
Be an Early Applicant
New York, NY, USA
In-Office
Mid level
Artificial Intelligence • Cloud • Machine Learning • Infrastructure as a Service (IaaS)
The Role
Design, build, and deploy AI-enhanced SIEM/SOAR detections, automations, and analytics. Integrate telemetry and security tools, develop AI/ML threat models and UEBA, optimize pipelines, and support SOC operations with automated playbooks and enriched alerting.
Summary Generated by Built In

The Company

NorthMark Strategies is a leading investment firm, combining capital, innovation, and engineering to drive long-term value. From operating complex businesses to backing breakthrough technologies, our mission is to build enduring businesses. Our team combines intelligent risk-taking, operational excellence, exceptional talent, and world-class computing capacity to create shareholder value.

Our company offers a dynamic environment where individuals have the freedom to lead companies toward bold achievements by embracing innovation, leveraging technology, and fostering differentiated business strategies. Our values are Integrity, Ability, and Energy, and the company aims to hire individuals who possess those qualities.

At NorthMark Strategies, we believe the future isn’t something to hope for, it’s something to build. We don’t just invest, we create, bringing together strategic insight and technical horsepower to deliver outcomes that endure.

The Position

The Cyber Defense Engineer – SIEM reports to the Director of Cyber Defense and operates within the Office of the CISO. This role is responsible for architecting, developing, and implementing advanced security solutions that enhance cyber defense investigations and incident response capabilities.

This position places a strong emphasis on AI-driven security engineering, including the development of intelligent detection systems, automation pipelines, and data-driven defense mechanisms. The ideal candidate will combine deep expertise in the Microsoft security ecosystem with experience leveraging artificial intelligence and machine learning to improve SIEM/SOAR performance, detection fidelity, and operational efficiency.

You will collaborate across IT and security teams to design scalable logging, enrichment, and response architectures, while continuously advancing the organization’s AI-enabled SIEM engineering maturity.

Responsibilities:

  • Design, develop, and deploy AI-enhanced detections and automations within the SIEM/SOAR platform to improve signal-to-noise ratio and reduce alert fatigue.

  • Engineer and optimize SIEM pipelines using AI/ML techniques for anomaly detection, behavioral analytics, and threat correlation.
  • Integrate SIEM with security tools and data sources to build a context-rich, intelligence-driven monitoring ecosystem.
  • Develop and implement AI-assisted threat detection models, including user/entity behavior analytics (UEBA) and predictive analytics.
  • Collaborate with cyber defense operations to identify emerging threats and capability gaps, leveraging AI to proactively strengthen defenses.
  • Build and maintain automated response orchestration and intelligent playbooks that adapt based on threat context.
  • Design automation for alert enrichment, triage, and response using both rule-based and AI-assisted decisioning frameworks.
  • Partner with IT and engineering teams to ensure comprehensive telemetry collection and high-quality data pipelines.
  • Continuously improve SIEM engineering practices, including data normalization, enrichment strategies, and AI model tuning.
  • Support SOC operations by enhancing detection engineering, incident response workflows, and operational metrics through AI augmentation.

Requirements:

  • Bachelor’s degree in Computer Science, Information Security, or a related field.
  • 4–6+ years of experience in cybersecurity engineering, SOC engineering, or insider threat.
  • Demonstrated expertise in SIEM engineering and security monitoring at scale.
  • Experience integrating or developing AI/ML capabilities within security operations or detection engineering.
  • Strong understanding of the Microsoft security stack (e.g., Sentinel, Defender suite).
  • Proficiency with automation tooling and scripting languages (KQL, Python, PowerShell).
  • Proficiency in API development with the goal of integrating security tooling.
  • Familiarity with various log ingestion methodologies into a SIEM environment.
  • Experience in multi-tenant or MSP-like environments is a plus.
  • Highly motivated self-starter who thrives on positively influencing the environment.

It is impossible to list every requirement for, or responsibility of, any position. Similarly, we cannot identify all the skills a position may require since job responsibilities and the Company’s needs may change over time. Therefore, the above job description is not comprehensive or exhaustive. The Company reserves the right to adjust, add to or eliminate any aspect of the above description. The Company also retains the right to require all employees to undertake additional or different job responsibilities when necessary to meet business needs.

Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.

Benefits & Perks:

  • Company-Paid Lunch Stipend: Lunch is provided via GrubHub

  • Company-Paid Benefits: 100% Employer-Paid Medical in our High Deductible Health Plan, Dental and Vision benefits for employees and their families, 16 weeks of Paid Parental Leave, Employee Assistance Program, Life insurance, Short-Term Disability and Long-Term Disability

  • 401(k): Company will match 100% of your contributions up to 6%

  • Optional Employee-Paid Benefits: Medical insurance in our PPO plan and a variety of other benefits such as Health Savings Accounts (with Company Contribution!), Flexible Spending Accounts, Supplemental Life Insurance, Wellhub and more.

  • Time Off: 25 days of Paid Time Off plus 12 company holidays

EQUAL OPPORTUNITY EMPLOYER

NORTHMARK STRATEGIES LLC IS AN EQUAL EMPLOYMENT OPPORTUNITY EMPLOYER. THE COMPANY'S POLICY IS NOT TO DISCRIMINATE AGAINST ANY APPLICANT OR EMPLOYEE BASED ON RACE, COLOR, RELIGION, NATIONAL ORIGIN, GENDER, AGE, SEXUAL ORIENTATION, GENDER IDENTITY OR EXPRESSION, MARITAL STATUS, MENTAL OR PHYSICAL DISABILITY, AND GENETIC INFORMATION, OR ANY OTHER BASIS PROTECTED BY APPLICABLE LAW. THE FIRM ALSO PROHIBITS HARASSMENT OF APPLICANTS OR EMPLOYEES BASED ON ANY OF THESE PROTECTED CATEGORIES.


The Company (157 Employees)

What We Do

NorthMark Strategies is a strategic capital firm that combines investment capital with engineering and technology to build enduring businesses. The firm operates a High-Performance Computing platform and supports simulation, AI/ML-enabled engineering and data-driven design to accelerate portfolio companies. NorthMark deploys capital, operates complex businesses, and builds infrastructure (including compute and cloud services) to drive long‑term innovation and operational outcomes.
