via LinkedIn
$120K - 200K a year
Lead and manage a SIEM team, define strategy, oversee operations, and collaborate across enterprise.
Requires extensive experience in security, SIEM platforms, cloud technologies, and team management, with a focus on enterprise-level security operations.
Job Description

A large enterprise organization based in Malvern, PA is seeking an experienced SIEM Manager to lead and grow its Security Information and Event Management (SIEM) program. This role will oversee a team of 5–6 SIEM engineers and play a critical role in defining and executing the long-term strategy following a recent migration from Splunk to Elastic.

This is a hands-on leadership position focused on people management, enterprise-wide collaboration, and strategic ownership of the SIEM platform. The ideal candidate is a seasoned manager with deep SIEM knowledge, strong stakeholder engagement skills, and experience balancing security outcomes with cost and operational efficiency.

This is a direct-hire opportunity with a hybrid schedule (3 days onsite) in Malvern, PA, offering a competitive base salary and bonus structure.

Required Skills & Experience

- 7+ years of experience in information security, with significant focus on SIEM platforms
- 3+ years of people management experience, leading technical security or SIEM teams
- Strong understanding of SIEM architecture, log management, alerting, and detection engineering
- Experience working with cloud technologies (AWS, Azure, or GCP) in a SIEM context
- Proven ability to manage SIEM operations, performance, and scalability
- Strong awareness of cost drivers in modern SIEM platforms (ingestion, storage, licensing, retention)
- Experience working cross-functionally with IT, security, infrastructure, and business teams
- Excellent communication and leadership skills, with the ability to influence at multiple levels
- Ability to define strategy, prioritize initiatives, and translate business needs into technical outcomes

Desired Skills & Experience

- Hands-on or leadership experience with Elastic SIEM / Elastic Stack (a strong plus, not required)
- Experience leading or supporting a SIEM migration or modernization initiative
- Familiarity with detection engineering, threat monitoring, and SOC workflows
- Experience working in large, complex enterprise environments
- Knowledge of additional Elastic capabilities beyond SIEM (e.g., observability, search, endpoint)
- Understanding of compliance, audit, and security governance requirements

What You Will Be Doing

- Lead and manage a team of 5–6 SIEM engineers, providing mentorship, direction, and performance oversight
- Own the long-term strategy and roadmap for the organization’s Elastic SIEM platform
- Oversee day-to-day SIEM operations, ensuring reliability, efficiency, and security value
- Partner with IT, security operations, cloud, and business stakeholders across the enterprise
- Evaluate and manage SIEM costs, ingestion strategies, and data retention policies
- Identify opportunities to expand and optimize Elastic capabilities beyond core SIEM use cases
- Ensure SIEM initiatives align with broader security and business objectives
- Drive continuous improvement in detection, visibility, and operational maturity

Tech Breakdown

- 40% Team Leadership & People Management
- 25% SIEM Strategy & Roadmap Ownership
- 20% Cross-Enterprise Collaboration & Stakeholder Engagement
- 15% Platform Optimization, Cost Awareness, and Capability Expansion

The Offer

- Competitive base salary plus annual bonus structure
- Hybrid schedule: 3 days onsite in Malvern, PA
- Comprehensive health, dental, and vision insurance
- 401(k) with employer match
- Paid time off and company holidays
- Long-term career growth within a stable, enterprise organization

Applicants must be currently authorized to work in the U.S. on a full-time basis now and in the future.

Posted By: Nick Direso
This job posting was last updated on 2/11/2026