Technical Support Engineer

We are seeking a Technical Support Engineer with deep knowledge in SIEM technologies and cybersecurity practices to join our world-class support team. In this role, you will work closely with customers to troubleshoot complex issues involving security analytics, threat detection, log management, and compliance using the Sumo Logic platform.

You will become a trusted advisor to our customers, helping them leverage the full power of Sumo Logic’s security suite. The ideal candidate will bring strong technical expertise, a problem-solving mindset, and a passion for improving security outcomes for customers.

Responsibilities

• Act as a primary technical contact for customer support cases related to SIEM, security analytics, log ingestion, and threat detection.
• Diagnose and resolve product issues, particularly those involving security data sources (e.g., firewall logs, endpoint logs, threat intel feeds) and Sumo Logic’s Cloud SIEM capabilities.
• Guide customers in parsing, normalizing, and analyzing security data using Sumo Logic's tools and query languages (e.g., Search Processing Language).
• Collaborate with engineering and product teams to reproduce and escalate product defects, offering insights based on customer environments and use cases.
• Contribute to and improve internal and external knowledge base articles, especially on security best practices, data onboarding, and use-case implementation.

Required Qualifications and Skills

• 3–5+ years of experience in technical support, SOC operations, or a related role with a focus on SIEM or security analytics.
• Hands-on experience with Sumo Logic or other SIEM platforms (e.g., Splunk, QRadar, LogRhythm, Sentinel).
• Strong understanding of cybersecurity principles, threat detection methodologies, and compliance standards (e.g., NIST, MITRE ATT&CK, PCI DSS).
• Experience with log collection and analysis from sources such as firewalls, IDS/IPS, antivirus, and cloud platforms (AWS, Azure, GCP).
• Proficiency with search/query languages, scripting (Python, Bash), and regular expressions.
• Excellent troubleshooting skills and customer service orientation.
• Strong written and verbal communication skills.

Desired Qualifications and Skills

• Security certifications such as Security+, SSCP, GSEC, CEH, or Splunk/Sumo Logic certifications.
• Experience in cloud-native security architectures.
• Familiarity with JSON, REST APIs, and log forwarding mechanisms (e.g., Syslog, Fluentd).