Rockwell Automation is a global technology leader focused on helping the world’s manufacturers be more productive, sustainable, and agile. With more than 28,000 employees who make the world better every day, we know we have something special. Behind our customers - amazing companies that help feed the world, provide life-saving medicine on a global scale, and focus on clean water and green mobility - our people are energized problem solvers that take pride in how the work we do changes the world for the better.

We welcome all makers, forward thinkers, and problem solvers who are looking for a place to do their best work. And if that’s you we would love to have you join us!

Job Description:

Summary

The Senior SIEM Engineer is responsible for engineering, optimizing, and scaling the enterprise SIEM platform to enhance threat detection and incident response across the organization. You will develop detection logic, integrates diverse log sources, collaborates with SOC/IR teams, and drives automation to elevate security maturity.

Responsibilities

• Administer, enhance, and maintain the SIEM platform, including agent/app/add‑on upgrades and log source onboarding.
• Build and optimize correlation rules, detection use cases, dashboards, and reporting content.
• Integrate threat intelligence feeds to strengthen detection capabilities.
• Analyze logs and security events to identify anomalies or advanced attack patterns.
• Partner with SOC/IR teams on investigations, tuning, enrichment, and automation workflows.
• Create and maintain runbooks, documentation, and SIEM best practices.
• Lead SIEM improvements, scaling efforts, and cross‑functional enablement.

The Essentials

You Will Have:

• Bachelor's Degree or Equivalent Years of Relevant Work Experience
• Legal authorization to work in the U.S. We will not sponsor individuals for employment visas, now or in the future, for this job opening.

The Preferred

You Might Also Have:

• Bachelor's degree in Cybersecurity, Computer Science, or related field OR equivalent experience.
• 5 years of experience with SIEM platforms (e.g., Sentinel, Splunk, QRadar, Log Rhythm).
• Strong knowledge of detection engineering, log parsing, and data normalization.
• Proficiency with KQL, SQL, or similar query languages.
• Understanding of incident response, SOC workflows, and security operations.
• Experience with SOAR, automation workflows, or Logic Apps.
• Cloud security experience (Azure, AWS, GCP).
• Scripting (Python, PowerShell).
• Familiarity with MITRE ATT&CK, NIST, or ISO frameworks.
• Relevant certifications: AZ-500, AZ-104, AZ-900, AZ-303/304, DP-900, AI-900, Splunk certifications, etc.

What We Offer:

• Health Insurance including Medical, Dental and Vision
• 401k
• Paid Time off
• Parental and Caregiver Leave
• Flexible Work Schedule where you will work with your manager to enjoy a work schedule that can be flexible with your personal life.
• To learn more about our benefits package, please visit at www.raquickfind.com

At Rockwell Automation we are dedicated to building a diverse, inclusive and authentic workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right person for this or other roles.

This position is part of a job family. Experience will be the determining factor for position level and compensation.

#lifeatrok

We are an Equal Opportunity Employer including disability and veterans.

If you are an individual with a disability and you need assistance or a reasonable accommodation during the application process, please contact our services team at 1 (844) 404-7247.

Rockwell Automation’s hybrid policy aligns that employees are expected to work at a Rockwell location at least Mondays, Tuesdays, and Thursdays unless they have a business obligation out of the office.