Senior Security Manager // SIEM

Job Description
A large enterprise organization based in Malvern, PA is seeking an experienced SIEM Manager to lead and grow its Security Information and Event Management (SIEM) program. This role will oversee a team of 5–6 SIEM engineers and play a critical role in defining and executing the long-term strategy following a recent migration from Splunk to Elastic.

This is a hands-on leadership position focused on people management, enterprise-wide collaboration, and strategic ownership of the SIEM platform. The ideal candidate is a seasoned manager with deep SIEM knowledge, strong stakeholder engagement skills, and experience balancing security outcomes with cost and operational efficiency. This is a direct-hire opportunity with a hybrid schedule (3 days onsite) in Malvern, PA, offering a competitive base salary and bonus structure.

Required Skills & Experience

7+ years of experience in information security, with significant focus on SIEM platforms

3+ years of people management experience, leading technical security or SIEM teams

Strong understanding of SIEM architecture, log management, alerting, and detection engineering

Experience working with cloud technologies (AWS, Azure, or GCP) in a SIEM context

Proven ability to manage SIEM operations, performance, and scalability

Strong awareness of cost drivers in modern SIEM platforms (ingestion, storage, licensing, retention)

Experience working cross-functionally with IT, security, infrastructure, and business teams

Excellent communication and leadership skills, with the ability to influence at multiple levels

Ability to define strategy, prioritize initiatives, and translate business needs into technical outcomes

Desired Skills & Experience

Hands-on or leadership experience with Elastic SIEM / Elastic Stack (a strong plus, not required)

Experience leading or supporting a SIEM migration or modernization initiative

Familiarity with detection engineering, threat monitoring, and SOC workflows

Experience working in large, complex enterprise environments

Knowledge of additional Elastic capabilities beyond SIEM (e.g., observability, search, endpoint)

Understanding of compliance, audit, and security governance requirements

What You Will Be Doing

Lead and manage a team of 5–6 SIEM engineers, providing mentorship, direction, and performance oversight

Own the long-term strategy and roadmap for the organization’s Elastic SIEM platform

Oversee day-to-day SIEM operations, ensuring reliability, efficiency, and security value

Partner with IT, security operations, cloud, and business stakeholders across the enterprise

Evaluate and manage SIEM costs, ingestion strategies, and data retention policies

Identify opportunities to expand and optimize Elastic capabilities beyond core SIEM use cases

Ensure SIEM initiatives align with broader security and business objectives

Drive continuous improvement in detection, visibility, and operational maturity

Tech Breakdown

40% Team Leadership & People Management

25% SIEM Strategy & Roadmap Ownership

20% Cross-Enterprise Collaboration & Stakeholder Engagement

15% Platform Optimization, Cost Awareness, and Capability Expansion

The Offer

Competitive base salary plus annual bonus structure

Hybrid schedule: 3 days onsite in Malvern, PA

Comprehensive health, dental, and vision insurance

401(k) with employer match

Paid time off and company holidays

Long-term career growth within a stable, enterprise organization

Applicants must be currently authorized to work in the U.S. on a full-time basis now and in the future.