We are seeking a Technical Support Engineer with deep knowledge in SIEM technologies and cybersecurity practices to join our world-class support team. In this role, you will work closely with customers to troubleshoot complex issues involving security analytics, threat detection, log management, and compliance using the Sumo Logic platform.
You will become a trusted advisor to our customers, helping them leverage the full power of Sumo Logic’s security suite. The ideal candidate will bring strong technical expertise, a problem-solving mindset, and a passion for improving security outcomes for customers.
Responsibilities- Act as a primary technical contact for customer support cases related to SIEM, security analytics, log ingestion, and threat detection.
- Diagnose and resolve product issues, particularly those involving security data sources (e.g., firewall logs, endpoint logs, threat intel feeds) and Sumo Logic’s Cloud SIEM capabilities.
- Guide customers in parsing, normalizing, and analyzing security data using Sumo Logic's tools and query languages (e.g., Search Processing Language).
- Collaborate with engineering and product teams to reproduce and escalate product defects, offering insights based on customer environments and use cases.
- Contribute to and improve internal and external knowledge base articles, especially on security best practices, data onboarding, and use-case implementation.
- 3–5+ years of experience in technical support, SOC operations, or a related role with a focus on SIEM or security analytics.
- Hands-on experience with Sumo Logic or other SIEM platforms (e.g., Splunk, QRadar, LogRhythm, Sentinel).
- Strong understanding of cybersecurity principles, threat detection methodologies, and compliance standards (e.g., NIST, MITRE ATT&CK, PCI DSS).
- Experience with log collection and analysis from sources such as firewalls, IDS/IPS, antivirus, and cloud platforms (AWS, Azure, GCP).
- Proficiency with search/query languages, scripting (Python, Bash), and regular expressions.
- Excellent troubleshooting skills and customer service orientation.
- Strong written and verbal communication skills.
- Security certifications such as Security+, SSCP, GSEC, CEH, or Splunk/Sumo Logic certifications.
- Experience in cloud-native security architectures.
- Familiarity with JSON, REST APIs, and log forwarding mechanisms (e.g., Syslog, Fluentd).
Sumo Logic, Inc. empowers the people who power modern, digital business. Sumo Logic enables customers to deliver reliable and secure cloud-native applications through its Sumo Logic SaaS Analytics Log Platform, which helps practitioners and developers ensure application reliability, secure and protect against modern security threats, and gain insights into their cloud infrastructures. Customers worldwide rely on Sumo Logic to get powerful real-time analytics and insights across observability and security solutions for their cloud-native applications. For more information, visit www.sumologic.com.
Sumo Logic Privacy Policy. Employees will be responsible for complying with applicable federal privacy laws and regulations, as well as organizational policies related to data protection.
Top Skills
What We Do
Sumo Logic is the pioneer in continuous intelligence, a new category of software, which enables organizations of all sizes to address the data challenges and opportunities presented by digital transformation, modern applications, and cloud computing. The Sumo Logic Continuous Intelligence Platform™ automates the collection, ingestion, and analysis of application, infrastructure, security, and IoT data to derive actionable insights within seconds. More than 2,100 customers around the world rely on Sumo Logic to build, run, and secure their modern applications and cloud infrastructures. Sumo Logic delivers its platform as a true, multi-tenant SaaS architecture, across multiple use-cases, enabling businesses to thrive in the Intelligence Economy.
