The Opportunity:  

As a Senior Associate-SIEM Implementation Engineer, unlock your potential and embrace the chance to drive meaningful outcomesthat’llelevate your career. Your role will include, but isn’tlimited to:

• Lead technical deliverables for SIEM implementation and operations including Microsoft Sentinel, Google SecOps, Palo Alto XSIAM, and Devo. 

• Perform Proof of Concept (PoC) and Proof of Value (PoV) engagements to evaluate SIEM capabilities anddemonstratevalue to stakeholders. 

• Conduct SIEM assessments toidentifygaps, recommend improvements, and align with security best practices. 

• Develop andmaintaindata pipelines for log ingestion, normalization, and enrichment across cloud and on-prem environments. 

• Integrate log sources using connectors, custom scripts, and parsers to ensure complete visibility and compatibility with SIEM platforms. 

• Build use cases aligned with NIST and MITRE ATT&CK frameworks to enable detection at various stages of a cyber-attack. 

• Implement detection rules using SPL/KQL with complex correlation across different data sources. 

• Develop dashboards, alerts, and workbooks for security monitoring and reporting. 

• Implement SOAR workflows using Logic Apps, Phantom,Demisto, and XSOAR platforms. 

• Perform health checks, tuning, and optimization of SIEM platforms to ensure high performance and accuracy. 

• Create andmaintaindocumentation including SOPs, runbooks, architecture diagrams, and onboarding guides. 

• Collaborate with cross-functional teams including SOC, threat hunters, infrastructure, and cloud teams to support delivery and ensure quality standards. 

• Lead technical deliverables for SIEM implementation and security operations engagements, including log source onboarding, parser development, SIEM contentdeployment through CI/CD pipelines using GitHub, detection use case implementation, and operational readiness activities. 

• Develop and support custom integrations to SIEM platforms, especially Microsoft Sentinel and Google SecOps, including scripts, APIs, parsers, data transformation logic, and data pipeline management activities such asDataBahn. 

• Apply AI capabilities in a security-focused manner to improvedetectionengineering, content optimization, operational efficiency, and analytical outcomes while maintainingstrong security and governance awareness. 

What You'll Bring:
Your skills, knowledge, and experiences are what set you apart. Here's what we look for:  

• Hands-on experience with Microsoft Sentinel, Google SecOps, Palo Alto XSIAM, Devo, and Splunk. 

• Strong understanding of SIEM architecture, implementation, integration, log management, and threat detection methodologies. 

• Experience in developing and tuning security use cases and alerts. 

• Proficiencyin scripting languages such as Python, PowerShell, and Bash for automation and data processing. 

• Experience with cloud platforms including Azure, GCP, and AWS. 

• Knowledge of data pipeline tools includingCriblfor log routing, enrichment, and deduplication. 

• Familiarity with REST APIs, JSON, and integration of third-party security tools. 

• Experience with SOAR platforms and playbook development for incident response automation. 

• Understanding ofsecurity concepts such as cyber-attacks, threat vectors, risk management, and incident management. 

• Strong analytical and problem-solving skills with attention to detail. 

• Excellent communication, documentation, and client engagement skills. 

• Experience deploying SIEM content through CI/CD practices using GitHub, including version control, peer review, change tracking, and structured promotion of content across environments. 

• Experience managing security data pipelines and ingestion workflows, including data transformation, normalization, troubleshooting, and platforms or capabilities such asDataBahn. 

• Strong understanding of AI concepts and tools, with the ability to apply them in security-oriented use cases such as detection improvement, threat analysis, automation support, and security operations optimization. 

• Proficiencyin Microsoft Office tools, especially Excel, Word, PowerPoint, Teams, and Outlook, with the ability to create polished client-facing documents, trackers, presentations, and meeting outputs. 

• PwC Canada is committed to cultivating an inclusive, hybrid work environment. Exact expectations for your team can be discussed with your interviewer.

Qualifications: 

• Bachelor's degree in computer science, Cybersecurity, or related field. 

• Preferred certifications: Microsoft Certified: Security Operations Analyst Associate, SC-200, AZ-500, Google Professional Cloud Security Engineer, CISSP, CISM, GIAC. 

• Minimum 3 years of experience in SIEM implementation and security operations. 

• Demonstrated ability to work collaboratively across teams and manage multiple client engagements. 

• Commitment to continuous learning and adapting to evolving cybersecurity technologies. 

• Experience ina consulting, client delivery, or professional services environment is preferred.