




Summary: As a Senior SIEM Engineer, you will be a technical leader and subject matter expert, shaping Amgen's global security landscape through modern SIEM and UEBA platforms, driving detection capabilities, and mentoring junior engineers. Highlights: 1. Lead architecture and continuous improvement of SIEM and UEBA platforms 2. Develop and optimize custom detection rules and analytics for advanced threats 3. Partner with cross-functional teams to embed smart and efficient monitoring Portugal \- Lisbon JOB ID: R\-228632 LOCATION: Portugal \- Lisbon WORK LOCATION TYPE: Flex Commuter / Hybrid DATE POSTED: Oct. 29, 2025 CATEGORY: Information Systems Join our team at **AMGEN Capability Center Portugal**, the \#1 company in Best Workplaces™ (201–500 employees' category) in Portugal in 2024 by the Great Place to Work Institute. With over 500 talented individuals from more than 40 nationalities, our Lisbon center thrives at the intersection of innovation, excellence, and inspiration. This is your opportunity to explore the future of healthcare through technology and digital innovation, supporting our mission To Serve Patients. **SIEM ENGINEER** At AMGEN, Technology isn’t just a support function—it’s a catalyst for discovery, transformation, and real\-world impact. Here, your ideas fuel innovation that improves and saves lives of patients in dire need of our medicines.Are you ready to do meaningful work that matters? **LIVE** **WHAT YOU WILL DO** **As a Senior SIEM Engineer at Amgen, you will have a key role in shaping the future of our global security landscape.** You’ll act as a technical leader and subject matter expert, driving our strategy for security monitoring and advanced threat detection. Your work will directly strengthen Amgen’s ability to protect patients, science, and innovation worldwide. In this role, you’ll design and enhance modern SIEM and UEBA platforms, building scalable and automated detection capabilities across hybrid and cloud environments. You’ll partner closely with cross‑functional teams \- SOC, Threat Intelligence, Incident Response, infrastructure, and applications \- to embed smart, efficient, and high‑visibility monitoring across the entire organization. You will also mentor junior engineers, lead complex integrations, and champion automation, analytics, and detection maturity. Your expertise will directly influence Amgen’s roadmap for security innovation. **Let’s do this. Let’s change the world. In this vital role you will:** * Lead the architecture, deployment, and continuous improvement of AMGEN’s **SIEM** and **UEBA****platforms**. * Build robust **log collection and correlation strategies** across on‑prem, hybrid, and multi‑cloud environments to ensure full visibility. * Develop and optimize **custom detection rules, dashboards, and analytics** to identify advanced threats and minimize false positives. * Guide and mentor junior engineers, promoting automation, best practices, and high‑quality engineering standards. * Partner with SOC, Threat Intelligence, and Incident Response teams to design advanced detection analytics and improve response capabilities. * Integrate **new log sources** and ensure scalability in alignment with Amgen’s security architecture. * Automate repetitive workflows using **scripting** (Python, PowerShell, Bash, REST APIs). * Support **incident investigations** using SIEM data to accelerate containment and remediation. * Collaborate with infrastructure and application teams to strengthen logging, monitoring, and compliance. * Manage **vendor relationships**, **platform health, upgrades, audits**, and SIEM lifecycle processes. * Contribute to Amgen’s long‑term security monitoring strategy and innovation pipeline. **WIN** **WHAT WE EXPECT OF YOU** We welcome people who bring unique strengths, backgrounds, and perspectives. The ideal candidate is a strong technical leader with a passion for cybersecurity, analytics, and driving continuous improvement in global\-scale environments. * A solid educational background in IT or a related field (Master’s, Bachelor’s with relevant experience). * Hands‑on experience working with **SIEM** and **UEBA** platforms. * Strong understanding of **threat detection, log management, and modern security analytics**. * Experience **designing or improving security monitoring and automation solutions**. * Familiarity with well‑known cybersecurity frameworks like **NIST CSF, MITRE ATT\&CK, or ISO 27001**. * Practical experience with leading **SIEM** tools (e.g., **Splunk, QRadar, ArcSight, Sentinel**) and log pipelines. * Exposure to **cloud environments** (AWS, Azure, GCP), threat hunting, or SOAR automation. * Ability to script in **Python, PowerShell, or Bash** to simplify and improve workflows. * Professional **security certifications** (e.g., GCDA, GCIH, GCIA, CISSP, CISM, Security\+, cloud certs) are a strong plus. * Strong communication, teamwork, problem‑solving, and the ability to work effectively in global teams. **THRIVE** **WHAT YOU CAN EXPECT OF US** As we work to develop treatments that take care of others, we also care deeply for our teammates’ well\-being and growth. * **Work That Matters** – Build tech that accelerates scientific breakthroughs and helps patients worldwide. * **Modern Tech Stack** – Cloud\-first, automation\-focused, AI\-powered. * **Global Scale, Agile Mindset** – Collaborate across continents while working in nimble, high\-impact teams. * **Continuous Learning** – Access to certifications, trainings, mentorship, and career mobility. * **AMGEN Total Rewards Plan** – Comprehensive benefits in healthcare, finance, and well\-being. * **Flexibility** – Hybrid work model with time split between our Lisbon office and remote work. Objects in your future are closer than they appear. Join us. **CAREERS.AMGEN.COM** **EQUAL OPPORTUNITY STATEMENT** AMGEN is an Equal Opportunity employer and will consider you without regard to your race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. We will ensure that individuals with disabilities are provided a reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation.


