• Operates and maintains SIEM tools and components, such as log aggregators, forwarders, and data observability systems • Tests, implements, and tunes new on-premises and cloud-based technical environments that support infrastructure visibility, analysis, automation, and secure data retention • Develops content that enables cybersecurity personnel to take maximum advantage of existing tool capabilities, including workflows, integrations, and automated tasks • Collaborates across Information Technology Services teams to integrate SIEM components with cybersecurity enrichment and analysis platforms and system management tools • Creates and maintains architectural documentation and operational procedures that describe the scope, purpose, configuration, use, and maintenance of the SIEM tools and environments • Contributes to projects (as assigned or independently) that improve the effectiveness and efficiency of a cybersecurity program, including but not limited to workflow improvements, automation expansion, management tool enhancements, program or strategic initiatives, and user awareness training