Job Description: Security Operations Specialist – SIEM & SOAR

At Iron Mountain we know that work, when done well, makes a positive impact for our customers, our employees, and our planet. That’s why we need smart, committed people to join us. Whether you’re looking to start your career or make a change, talk to us and see how you can elevate the power of your work at Iron Mountain.

We provide expert, sustainable solutions in records and information management, digital transformation services, data centers, asset lifecycle management, and fine art storage, handling, and logistics. We proudly partner every day with our 225,000 customers around the world to preserve their invaluable artifacts, extract more from their inventory, and protect their data privacy in innovative and socially responsible ways. 

Are you curious about being part of our growth stor​y while evolving your skills in a culture that will welcome your unique contributions? If so, let's start the conversation.

Job Description: Security Operations Specialist – SIEM & SOAR

Location: Remote India

Job Type: Full-Time

Department: Information Security / Security Operations

Job Summary

We are seeking a Security Operations Specialist – SIEM & SOAR to manage and optimize Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms. The ideal candidate will oversee the operation of Splunk, Google Chronicle, Siemplify, and Palo Alto XSOAR, ensuring effective log ingestion, parser development, playbook automation, and anomaly detection. This role is critical in identifying unusual behavior, enhancing security visibility, and providing actionable insights to executives.

Key Responsibilities

1. SIEM Operations & Log Management

• Manage and maintain SIEM platforms (Splunk, Google Chronicle) to ensure optimal log ingestion and processing.

• Develop and fine-tune log parsers for structured and unstructured data.

• Ensure data normalization, enrichment, and correlation to improve threat detection.

2. Threat Detection & Anomaly Analysis

• Continuously monitor security events to identify unusual behavior and potential threats.

• Create custom detections, alerts, and dashboards for advanced threat visibility.

• Investigate suspicious activities and escalate incidents as needed.

3. SOAR Automation & Playbook Development

• Design and implement automation playbooks in Siemplify and Palo Alto XSOAR to streamline security operations.

• Automate threat response, triage, and remediation workflows to reduce response times.

• Integrate SIEM, threat intelligence feeds, and incident response tools for enhanced security operations.

4. Security Insights & Executive Reporting

• Generate security analytics and reports for leadership, highlighting trends and risks.

• Provide executive-level insights on security events, response effectiveness, and operational improvements.

• Track and improve key security metrics and operational efficiencies.

Qualifications & Skills

Required:

• 3+ years of experience in SIEM, SOAR, or Security Operations.

•  Hands-on experience with Splunk, Google Chronicle, Siemplify, Palo Alto XSOAR.

• Strong knowledge of log ingestion, parsing, and security event correlation.

• Experience in developing custom detections, queries, and dashboards.

• Ability to design and automate security playbooks for incident response.

• Strong analytical and communication skills to present security insights to executives.

Preferred:

• Certifications such as Splunk Certified Admin, Chronicle Security Engineer, CISSP, or GIAC Security Operations (GCIA, GMON).

• Experience with threat intelligence integration and UEBA (User and Entity Behavior Analytics).

• Knowledge of cloud security logging (AWS, GCP, Azure) and compliance frameworks.