Role Overview

We are looking for a skilled Endpoint, SIEM, Splunk, Log Management & XDR Specialist to support and enhance our Security Operations capabilities. The role focuses on endpoint security, SIEM engineering, threat detection, and incident response using leading XDR and SIEM platforms.

Key Responsibilities

- Deploy, manage, and maintain XDR and EPP agents across all endpoints and servers.
- Investigate and respond to malware, exploit, and fileless attack incidents.
- Tune security policies to improve detection accuracy and reduce false positives.
- Integrate endpoint telemetry with SIEM and XDR platforms to ensure unified visibility.
- Prepare and present monthly endpoint risk and compliance reports.
- Design, deploy, and manage Splunk SIEM architecture, including indexers, forwarders, and syslog collectors.
- Integrate logs from firewalls, endpoints, NDR, DLP, WAF, SOAR, cloud, and SaaS platforms into a centralized SIEM.
- Develop custom detection rules, dashboards, and correlation searches to identify potential threats.
- Optimize syslog parsing, field extraction, and indexing to ensure performance and cost efficiency.
- Collaborate with Threat Intelligence and SOAR teams to automate incident response workflows.
- Manage log retention policies to meet compliance requirements (e.g., NCA, PCI DSS, GDPR).
- Deliver weekly security dashboards and monthly SIEM health and detection performance reports.

Technology Stack

- XDR / EPP: Palo Alto Cortex XDR, Kaspersky EPP
- SIEM: Splunk
- Security Platforms: Firewalls, NDR, DLP, WAF, SOAR
- Compliance Frameworks: NCA, PCI DSS, GDPR