SIEM Engineer
SIEM Engineer
Portugal - Lisbon Apply NowJoin our team at AMGEN Capability Center Portugal, number 1 company in Best WorkplacesTM https://www.greatplacetowork.pt/ ranking in Portugal (category 201-500 employees) by the Great Place to Work Institute. We have a team of over 300 talented people and more than 35 different nationalities, diverse areas of expertise and professional experience that are shaping the future of healthcare. This is your chance to explore a world of opportunities in different areas such as Cybersecurity, Data & Analytics, Digital, Technology and Innovation, Finance, General & Admin, Human Resources, Regulatory Affairs and many more. In Lisbon's city center, our AMGEN office fosters innovation, excellence, and inspiration. Come thrive with us at AMGEN, supporting our mission To Serve Patients. What we do at AMGEN matters in people’s lives.
SIEM ENGINEER
At AMGEN, Technology isn’t just a support function—it’s a catalyst for discovery, transformation, and real-world impact. Here, your ideas fuel innovation that improves and saves lives of patients in dire need of our medicines.Are you ready to do meaningful work that matters?
LIVE
WHAT YOU WILL DO
As a SIEM Engineer you will play vital role you will be responsible for developing and implementing the organization’s security monitoring strategy to safeguard data, systems, and networks against potential threats. This includes designing and deploying robust security monitoring architecture, ensuring comprehensive coverage and real-time threat detection. The role involves close collaboration with IT teams to incorporate security monitoring into every layer of the technology stack. Key responsibilities include collaborating with the security monitoring team, handling risk, and ensuring compliance with relevant regulations and standards.
Let’s do this. Let’s change the world. In this vital role you will:
Assist in implementing and maintaining Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA) platforms, with a focus on supporting the log collection strategy and associated infrastructure.
Perform routine operational tasks including monitoring SIEM health, identifying issues, documenting resolutions, and supporting integration with other tools under guidance from senior engineers.
Contribute to the ongoing improvement of SIEM and UEBA processes by documenting procedures, updating configurations, and suggesting enhancements.
Develop and maintain basic scripts and automation routines to support log ingestion, normalization, and alerting in collaboration with more senior team members.
Work with internal teams and escalate to senior staff or external partners to support remediation or mitigation of identified vulnerabilities and SIEM platform issues.
Support incident responders by providing relevant SIEM data and assisting with initial investigations as directed.
Collaborate with security operations and cyber threat intelligence teams in daily tasks, including alert validation, correlation rule tuning, and basic troubleshooting.
Assist in tracking vendor support cases and maintain documentation related to tools and strategic partners.
Participate in internal and external audits, providing documentation and support as required for SIEM-related controls and processes.
WIN
WHAT WE EXPECT OF YOU
We are all different, yet we all use our unique contributions to serve patients. The ideal candidate possesses strong leadership qualities, a deep understanding of cybersecurity practices, and extensive experience in managing large-scale security monitoring programs.
Basic Qualifications:
Master’s degree with 1 to 2 years of experience in Information Systems or related field OR
Bachelor’s degree with 3 to 4 years of experience Information Systems or related field OR
Diploma with 4 to 5 years of experience in Information Systems or related field
Proven track-record in understanding of common security monitoring and detection engineering practices
Demonstrate in-depth knowledge of cybersecurity frameworks, technologies, and best practices
Experience in risk management, incident response, and security governance
Strong knowledge of security architecture frameworks and principles
Preferred Qualifications:
Proficiency with deploying and running log collection infrastructure (e.g. Splunk Universal Forwarder, Fluentd, Cribl) and SIEM solutions (e.g. Qradar, Splunk, ArcSight, Sentinel)
Experience with network security, endpoint protection, and incident response
Proficiency in scripting and automation (e.g., Python, Bash) is a plus
Experience with deploying, running and monitoring cloud-hosted infrastructure
Professional Certifications:
GCDA (preffered)
GSEC (preferred)
CompTIA Security+ (preferred)
CISSP (preferred)
Soft Skills:
Excellent analytical and solving skills
Strong verbal and written communication skills (English)
Ability to work effectively with global, virtual teams
High degree of initiative and self-motivation
Ability to handle multiple priorities successfully
Team oriented, with a focus on achieving team goals
Strong presentation and public speaking skills
THRIVE
WHAT YOU CAN EXPECT OF US
As we work to develop treatments that take care of others, we also care deeply for our teammates’ well-being and growth.
Work That Matters – Build tech that accelerates scientific breakthroughs and helps patients worldwide.
Modern Tech Stack – Cloud-first, automation-focused, AI-powered.
Global Scale, Agile Mindset – Collaborate across continents while working in nimble, high-impact teams.
Continuous Learning – Access to certifications, trainings, mentorship, and career mobility.
AMGEN Total Rewards Plan – Comprehensive benefits in healthcare, finance, and well-being.
Flexibility – Hybrid work model with time split between our Lisbon office and remote work.
APPLY NOW
Objects in your future are closer than they appear. Join us.
CAREERS.AMGEN.COM
EQUAL OPPORTUNITY STATEMENT
AMGEN is an Equal Opportunity employer and will consider you without regard to your race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.
We will ensure that individuals with disabilities are provided a reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation.
