Junior SIEM engineer
Junior SIEM engineer
Portugal - Lisbon Apply NowHOW MIGHT YOU DEFY IMAGINATION?
The Amgen Capability Center in Lisbon, Portugal (ACCP) will be home to over 300 multi-national and multi-cultural employees, representing a broad range of cross functional capabilities, including Commercial, General and Administrative, Research and Development and more. The ACCP will offer rich career growth and development opportunities, regional and global exposure, and the opportunity to LIVE, WIN and THRIVE in one of Europe’s most attractive cities.
Our ACCP Office is located at Maleo – Sete Rios, Av. José Malhoa 19, 1070-040 Lisbon, in the vibrant city center of Lisbon.
If you feel like you’re part of something bigger, it’s because you are. At Amgen our shared mission—to serve patients—drives all that we do. It is key to our becoming one of the world’s leading biotechnology companies. We are global collaborators who achieve together—researching, manufacturing, and delivering ever-better products that read over 10 million patients worldwide. It’s time for a career you can be proud of. Join us.
Junior SIEM engineer
LIVE
What you will do
Let’s do this. Let’s change the world. In this vital role you will be responsible for developing and implementing the organization’s security monitoring strategy to safeguard data, systems, and networks against potential threats. This includes designing and deploying robust security monitoring architecture, ensuring comprehensive coverage and real-time threat detection. The role involves close collaboration with IT teams to incorporate security monitoring into every layer of the technology stack. Key responsibilities include collaborating with the security monitoring team, handling risk, and ensuring compliance with relevant regulations and standards.
Assist in implementing and maintaining Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA) platforms, with a focus on supporting the log collection strategy and associated infrastructure.
Perform routine operational tasks including monitoring SIEM health, identifying issues, documenting resolutions, and supporting integration with other tools under guidance from senior engineers.
Contribute to the ongoing improvement of SIEM and UEBA processes by documenting procedures, updating configurations, and suggesting enhancements.
Develop and maintain basic scripts and automation routines to support log ingestion, normalization, and alerting in collaboration with more senior team members.
Work with internal teams and escalate to senior staff or external partners to support remediation or mitigation of identified vulnerabilities and SIEM platform issues.
Support incident responders by providing relevant SIEM data and assisting with initial investigations as directed.
Collaborate with security operations and cyber threat intelligence teams in daily tasks, including alert validation, correlation rule tuning, and basic troubleshooting.
Assist in tracking vendor support cases and maintain documentation related to tools and strategic partners.
Participate in internal and external audits, providing documentation and support as required for SIEM-related controls and processes.
WIN
What we expect of you
We are all different, yet we all use our unique contributions to serve patients. The ideal candidate possesses strong leadership qualities, a deep understanding of cybersecurity practices, and extensive experience in managing large-scale security monitoring programs.
Basic Qualifications:
Master’s degree with 1 to 2 years of experience in Information Systems or related field OR
Bachelor’s degree with 3 to 4 years of experience Information Systems or related field OR
Diploma with 4 to 5 years of experience in Information Systems or related field
Proven track-record in understanding of common security monitoring and detection engineering practices
Demonstrate in-depth knowledge of cybersecurity frameworks, technologies, and best practices
Experience in risk management, incident response, and security governance
Strong knowledge of security architecture frameworks and principles
Preferred Qualifications:
Proficiency with deploying and running log collection infrastructure (e.g. Splunk Universal Forwarder, Fluentd, Cribl) and SIEM solutions (e.g. Qradar, Splunk, ArcSight, Sentinel)
Experience with network security, endpoint protection, and incident response
Proficiency in scripting and automation (e.g., Python, Bash) is a plus
Experience with deploying, running and monitoring cloud-hosted infrastructure
Professional Certifications:
GCDA (preffered)
GSEC (preferred)
CompTIA Security+ (preferred)
CISSP (preferred)
Soft Skills:
Excellent analytical and solving skills
Strong verbal and written communication skills (English)
Ability to work effectively with global, virtual teams
High degree of initiative and self-motivation
Ability to handle multiple priorities successfully
Team oriented, with a focus on achieving team goals
Strong presentation and public speaking skills
THRIVE
What you can expect of us
Vast opportunities to learn, develop, and move up and across our global organization.
Diverse and inclusive community of belonging, where colleagues are empowered to bring ideas to the table, take risks, and act.
Generous Amgen Total Rewards Plan comprising healthcare, finance, wealth and career benefits.
Flexible work arrangements.
APPLY NOW
for a career that defies imagination
In our quest to serve patients above all else, Amgen is the first to imagine, and the last to doubt. Join us.
careers.amgen.com
EQUAL OPPORTUNITY STATEMENT
Amgen is an Equal Opportunity employer and will consider you without regard to your race, colour, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.
We will ensure that individuals with disabilities are provided a reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment.
