Security Engineer

At Broadridge, we've built a culture where the highest goal is to empower others to accomplish more. If you're passionate about developing your career, while helping others along the way, come join the Broadridge team.

We are seeking aMicrosoft Sentinel SIEM Engineerwith strong experience designing, operating, and scaling enterprise Microsoft Sentinel SIEM or other SIEM platforms to support 24x7 Security Operations. This role is responsible for platform health, log ingestion pipelines, normalization, enrichment, detection content support, and integrations with security and IT systems. The SOC Engineer will partner closely with SOC Analysts, Threat Intelligence, BISG Information Security teams, and other stakeholders to ensure high-quality security telemetry, reliable detections, and an optimized analyst experience. This role also supports Mergers & Acquisitions (M&A) by onboarding new log sources and environments into the enterprise SIEM.

Key Responsibilities

• Engineer, operate, and optimize Microsoft Sentinel across one or more Log Analytics workspaces
• Ensure Sentinel reliability, scalability, performance, and cost efficiency
• Manage workspace architecture, retention, daily cap, and data tiering strategies
• Monitor Sentinel platform health, ingestion latency, connector failures, and query performance
• Design, build, and maintain scalable, highly available log ingestion pipelines, including parsing, normalization, enrichment, and filtering using technologies like Syslog, Sentinel data connectors, Azure Monitor Agents, etc.
• Onboard and maintain data sources across cloud, on-prem, SaaS, and security tools (EDR, IAM, network, application logs)
• Tune data quality, performance, and cost efficiency across the SIEM environment
• Develop and maintain integrations between the SIEM and security platforms (EDR, SOAR, Threat Intel, ITSM)
• Support M&A security onboarding by integrating acquired environments into the SIEM
• Implement monitoring, alerting, and health checks for SIEM infrastructure and data pipelines
• Troubleshoot ingestion, parsing, correlation, and performance issues impacting SOC visibility
• Automate repetitive SIEM operational tasks using scripting or platform-native capabilities
• Document SIEM architecture, data sources, standards, and operational runbooks
• Collaborate with cloud, infrastructure, and network teams to ensure complete and reliable telemetry coverage

Required Skills & Qualifications

• 5+ years of experience in SIEM Engineering, Security Operations Engineering, or SOC Platform roles
• Strong hands-on experience with at least one enterprise SIEM platform (e.g., Splunk, Azure Sentinel, Elastic, QRadar) - preference to candidates with MS Sentinel experience.
• Deep understanding of log formats, schemas, parsing, normalization, and enrichment techniques
• Experience onboarding diverse log sources: cloud platforms, operating systems, applications, IAM, and security tools
• Strong troubleshooting skills for ingestion latency, parsing errors, dropped events, and performance bottlenecks
• Understanding of detection concepts, correlation logic, and SOC workflows
• Experience integrating SIEM with SOAR, EDR, ITSM, and threat intelligence platforms
• Familiarity with cloud environments (AWS and/or Azure) and cloud-native logging services
• Scripting experience (Python, SPL, KQL, or equivalent) to support automation and analysis
• Solid foundation in networking, authentication, and security fundamentals

Preferred Qualifications

• Background in SIEM deployments or management
• Experience optimizing SIEM performance, scalability, and cost management
• Experience supporting SIEM use cases during M&A integrations
• Hands-on experience with SOAR and automated response workflows
• Familiarity with Infrastructure as Code or configuration management for SIEM infrastructure
• Experience working in regulated or financial services environments

Soft Skills

• Strong problem-solving and troubleshooting skills
• Ability to work across Security, IT, and Engineering teams
• Strong documentation and communication skills
• Automation-first and reliability-focused mindset

Hybrid Flexible at Broadridge

We are made up of high-performing teams that meet in person to learn and collaborate as needed. This role is considered hybrid, which means you'll be assigned to a Broadridge office.

We are dedicated to fostering a collaborative, engaging, and inclusive environment and are committed to providing a workplace that empowers associates to be authentic and bring their best to work. We believe that associates do their best when they feel safe, understood, and valued, and we work diligently and collaboratively to ensure Broadridge is a company-and ultimately a community-that recognizes and celebrates everyone's unique perspective.

Use of AI in Hiring

As part of the recruiting process, Broadridge may use technology, including artificial intelligence (AI)-based tools, to help review and evaluate applications. These tools are used only to support our recruiters and hiring managers, and all employment decisions include human review to ensure fairness, accuracy, and compliance with applicable laws. Please note that honesty and transparency are critical to our hiring process. Any attempt to falsify, misrepresent, or disguise information in an application, resume, assessment, or interview will result in disqualification from consideration.