What is the salary for this SIEM Detection Engineer role?

Salary information is not publicly listed for this position. Apply directly to discuss compensation with Diverto.

Where is this SIEM Detection Engineer position located?

This is an on-site position at Diverto located in Zagreb.

How do I apply for this SIEM Detection Engineer job at Diverto?

Click the 'Apply' button on this page to be redirected to Diverto's application portal. Make sure to have your resume ready and tailor your application to highlight relevant experience.

Diverto is actively hiring for Engineering roles. Visit the company page to see all open positions and learn more about working at Diverto.

SIEM Detection Engineer

Diverto Zagreb Today

engineering

Key Responsibilities:

Develop, maintain, and continuously improve SIEM detection rules
Design detections based on:
- MITRE ATT&CK techniques
- Threat intelligence and real incident learnings
Support onboarding and improvement of log sources in SIEM platforms
Analyze systems and applications to understand what should be logged and how it supports detection
Improve log quality, parsing, enrichment, and overall data consistency
Tune detections to reduce false positives and improve alert quality
Validate detections
Create and maintain:
- Detection documentation and use-case descriptions
- Dashboards and visualizations for SOC operations
- Alert context and investigation guidance for analysts
Monitor detection effectiveness using metrics such as alert quality, coverage, and MTTD
Automate repetitive tasks and improve detection workflows (Python or similar)
Collaborate with team members, share knowledge, and support continuous improvement
Stay up to date with emerging threats and detection techniques

Qualifications

Bachelor’s or Master’s degree in a technical field, or equivalent hands-on experience
2+ years of experience in security (SOC experience preferred)
Hands-on experience working with any SIEM platform
Good understanding of:
- Windows and Linux operating systems
- Networking fundamentals (DNS, HTTP/S, etc.)
Experience working with security logs from endpoints, servers, or network devices
Basic scripting or automation experience (Python preferred)
Solid understanding of common security threats and defensive concepts

Skills:

Strong analytical mindset with interest in security detection engineering
Experience creating or tuning SIEM detection rules
Understanding of how log data quality impacts detection effectiveness
Familiarity with detection frameworks such as MITRE ATT&CK
Ability and willingness to learn new tools and technologies
Comfortable working both independently and in a team environment
Clear and effective communication skills
Passion for cybersecurity and continuous improvement
Fluent in English and Croatian

Additional Information

What we offer:

Dynamic and fast-paced work environment, with a high level of autonomy.
Occasional travel for client meetings and industry events may be required (worldwide).
A mission-driven team working to protect critical infrastructure globally.
Opportunity to achieve your biggest potential and development in your area of responsibility.
Continuous development and advancement through industry-relevant certifications and internal/external training/workshops.
Learning and sharing experiences with well-known and respected experts in the field of information/cybersecurity.
Positive, motivating, international work environment.
Hybrid work – office work + work from home.
Flexible working hours.
Additional and supplementary health insurance packages.
Multisport membership.
Pet-friendly office.
Social events and team bonding gatherings.
Compensation package consisted of base + bonus part, competitive in the market.

About the Company

Wherever our customers are in the world, we help them digitalise and optimise their remote business processes using advanced hybrid network solutions and digital technologies.

At Marlink, we empower our customers worldwide by helping them digitalize and optimize their remote operations through advanced hybrid network solutions and cutting-edge digital technologies. Our teams operate globally, harnessing innovation, expertise, and applied technology to connect systems and people, driving success in today’s digital-first world. With 1,500 employees in over 30 countries, and customers in the maritime, energy, and government sectors, we push boundaries to deliver excellence.

We are looking for a Mid-Level Security SIEM Detection Engineer who wants to work on high-quality security detections and ingestion of security relevant log data in a modern SOC environment.

This role focuses on detection engineering, SIEM use cases, and data quality — designing and improving detections that reflect real attacker behavior and deliver actionable alerts to SOC teams.

You will work closely with SOC analysts, incident responders, and integration teams to ensure detections are reliable, relevant, and continuously improving.