Contract Type: Seasonal
Workplace type: On-site
Location: Riyadh

Job Description

About the Role

Penta Consulting is seeking a SIEM Architect for a contract position in Riyadh, Saudi Arabia. This role is designed for an individual with comprehensive end-to-end experience in architecting and implementing enterprise-scale SIEM platforms within a modern Security Operations Centre (SOC). The focus is on shaping core SOC architecture, ensuring high-quality log ingestion, robust detection engineering, and alignment with operational security requirements, rather than day-to-day alert handling or basic configuration.

As a SIEM Architect, you will be responsible for designing, deploying, and optimizing SIEM solutions to deliver meaningful, high-fidelity security analytics. This involves minimizing noise and maximizing actionable intelligence. You will collaborate with various stakeholders to ensure the SIEM platform effectively supports detection, response, and escalation processes.

Key Responsibilities

  • Design, architect, and deploy centralized SIEM solutions for complex enterprise environments.
  • Lead full SIEM implementations, including log source onboarding (applications, endpoints, network, cloud, identity), data normalization and parsing, and use-case design and alert strategy.
  • Ensure SIEM platforms deliver high-fidelity security analytics, avoiding excessive noise.
  • Collaborate with SOC teams to align SIEM capabilities with detection, response, and escalation processes.
  • Work effectively with stakeholders across IT, infrastructure, cloud, and security engineering departments.
  • Provide expert guidance on SIEM best practices, scalability, and performance optimization.
  • Support the integration of SIEM solutions into the broader SOC architecture, tooling, and workflows.

Qualifications and Requirements

  • Proven experience designing, architecting, and fully deploying SIEM platforms, extending beyond basic configuration.
  • Strong hands-on experience with at least one enterprise SIEM technology, such as Splunk, IBM QRadar, LogRhythm, or ArcSight.
  • A solid understanding of SOC architecture, including log pipelines, detection workflows, and triage and escalation models.
  • Experience working with logs from a variety of sources including applications, infrastructure, security devices, and user activity.
  • The ability to translate business and security requirements into effective technical SIEM designs.
  • A minimum of 10 years of experience in the field.

Required Skills

  • SIEM
  • Splunk
  • IBM QRadar
  • LogRhythm
  • ArcSight
  • SOC architecture
  • Log pipelines
  • Detection workflows
  • Triage and escalation models
  • Log source onboarding
  • Data normalization and parsing
  • Use-case design
  • Alert strategy
  • Security analytics
  • Detection engineering
  • Scalability
  • Performance optimization
  • Communication
  • Leadership

Work Location and Type

This is a contract position based in Riyadh, Saudi Arabia.


Requirements

  • Requires 10+ years of experience
