Staff Cyber Security Engineer ( ES|QL, Elastic SIEM )

Category Engineering Hire Type Employee Job ID 17216 Remote Eligible No Date Posted 05/05/2026

We Are

Synopsys is the leader in engineering solutions from silicon to systems, enabling customers to rapidly innovate AI-powered products. We deliver industry-leading silicon design, IP, simulation and analysis solutions, and design services. We partner closely with our customers across a wide range of industries to maximize their R&D capability and productivity, powering innovation today that ignites the ingenuity of tomorrow.

You Are

You are the kind of engineer who finds satisfaction in making sure the right security data is in the right place at the right time, every time. You see SIEM not as a checkbox, but as a living platform that keeps evolving—if you can spot the gaps, close them, and keep the signal clean. You’ve spent real time in Elastic, not just reading the docs, but getting your hands dirty onboarding logs, tuning parsers, and troubleshooting pipelines that suddenly stopped behaving at 2 a.m. You know that the value of a detection rule is in the threats it actually finds, not the ones it should find in theory. You like collaborating with other security folks, but you’re also comfortable working on your own stretch of the platform, taking a project from “here’s the ask” to “here’s the dashboard.” You are clear and direct in your documentation because you know someone will need to pick up your work at 3 a.m. You want to build things that last, and you want your work to move the needle on real-world security.

What You'll Be Doing

• Implement, administer, and maintain Elastic SIEM platform components following existing architectures and standards
• Onboard new log sources using syslog, Elastic Agents, Logstash, Filebeat, and APIs, validating data quality and coverage
• Develop and maintain parsers, enrichments, and normalization pipelines in line with Elastic Common Schema (ECS)
• Work with application owners to define logging requirements and enforce data quality standards
• Build and maintain SIEM correlation rules, dashboards, and reports that drive threat detection and investigation
• Monitor SIEM data flow, ingestion health, and data growth, identifying and escalating issues as needed
• Tune detections and dashboards with CSIRT and SecOps to reduce noise and improve actionable alerts
• Produce clear, accurate documentation for parsers, detections, and operational procedures

The Impact You Will Have

• Increase visibility into security events across Synopsys by improving log onboarding and data normalization
• Enable faster, more accurate threat detection through robust rules and actionable dashboards
• Boost platform reliability and operational efficiency with stable ingestion and standardized pipelines
• Empower incident response teams to investigate with confidence using consistent, well-structured data
• Strengthen partnerships between security engineering and operations by delivering reliable SIEM outputs
• Help Synopsys meet compliance and audit needs with reliable data archiving and recovery support

What You'll Need

• 5 to 8 Yrs of experience implementing and operating Elastic SIEM or Elasticsearch-based log analytics environments
• Hands-on background ingesting data with Elastic Agents, Logstash, Filebeat, or similar tools
• Experience building parsers, enrichments, and normalization pipelines for security logs
• Familiarity with Elastic Common Schema (ECS) concepts and best practices
• Experience supporting Elastic deployments in on-prem and/or cloud environments
• Practical skills with at least one scripting or development language (Python, PowerShell, or Bash) and regular expressions
• Ability to clearly document technical work and communicate with technical and non-technical colleagues
• Experience with cloud platforms (AWS, Azure, or GCP) security logging is a plus
• Knowledge of MITRE ATT&CK or threat detection methodologies is a plus
• Exposure to machine learning or analytics in security contexts is a plus

Who You Are

• You deliver hands-on technical work that stands up to real-world use, not just demos
• You are comfortable owning defined SIEM projects and working independently within established frameworks
• You sweat the details, especially when it comes to data accuracy and reliability
• You collaborate with security and engineering colleagues, sharing knowledge and building trust
• You are curious and push yourself to deepen your expertise in SIEM, detection engineering, and security analytics
• You make smart, practical decisions about tools and solutions, balancing standards with the needs of the moment

The Team You'll Be Part Of

Your recruiter will share more about the team structure and mission during the interview process.

Rewards and Benefits

We offer a comprehensive range of health, wellness, and financial benefits to cater to your needs. Our total rewards include both monetary and non-monetary offerings. Your recruiter will provide more details about the salary range and benefits during the hiring process.

At Synopsys, we want talented people of every background to feel valued and supported to do their best work. Synopsys considers all applicants for employment without regard to race, color, religion, national origin, gender, sexual orientation, age, military veteran status, or disability.