Geneva
SIEM / SOAR Cloud Engineer (M/F/X)
- 04 July 2026
- 100%
- Geneva
About the job
Job description
Amaris is recruiting a SIEM / SOAR Cloud Engineer to support the deployment and optimisation of Microsoft Sentinel and Google Chronicle Security Operations solutions for its largest Swiss clients. You will play a key role in designing monitoring architectures, developing detection and automation capabilities, while supporting teams in skills development and adoption of best practices.
🔥 Your responsibilities
Design & integration of SIEM / SOAR platforms
- Design, deploy and evolve security monitoring architectures based on Microsoft Sentinel and Google Chronicle.
- Integrate various log sources from cloud, on-premise and hybrid environments (Azure, Microsoft 365, Google Cloud Platform, Active Directory, EDR, firewalls, VPN, applications, databases, etc.).
- Configure connectors, ensure normalisation of security events and guarantee the quality of collected data.
- Participate in defining best practices for collecting and monitoring security events.
Threat detection & automation
- Develop and maintain detection rules adapted to current threats (KQL, Chronicle rules, correlations, MITRE ATT&CK scenarios, etc.).
- Design dashboards, reports and indicators to monitor security activities and SOC performance.
- Develop automation playbooks (SOAR) to accelerate detection, investigation and incident response.
- Integrate workflows with ITSM, IAM, EDR solutions, collaborative tools and other security ecosystem components.
- Continuously optimise detection rules to reduce false positives and improve alert relevance.
Operational support & continuous improvement
- Support SOC and CSIRT teams during security incident analysis and propose remediation recommendations.
- Participate in maintaining SIEM/SOAR platforms operational: availability, performance, capacity and cost optimisation.
- Define and monitor performance indicators (KPIs, SLAs) related to monitoring activities.
- Contribute to security architecture reviews for Azure and Google Cloud projects.
- Conduct technological watch on developments in Microsoft Sentinel, Google Chronicle and emerging threats.
- Write technical documentation, operating procedures and training materials for internal teams.
- Support colleagues in skills development and promote best practices in monitoring and incident detection.
🎯 Your profile
- Engineering degree or equivalent in cybersecurity, information systems or computer science.
- Significant experience with Microsoft Sentinel, Google Chronicle Security Operations or other SIEM/SOAR environments.
- Good knowledge of Azure, Microsoft 365, Google Cloud Platform environments and hybrid architectures.
- Strong understanding of detection mechanisms, event correlation and cybersecurity frameworks (notably MITRE ATT&CK).
- Experience in automating security processes via Logic Apps, playbooks or SOAR workflows.
- Familiarity with administration tools, scripting and query languages (KQL, PowerShell, Python or equivalent).
- Analytical mindset, autonomy and ability to handle complex technical topics.
- Excellent communication skills and ability to support teams in skills development.
- A good level of technical English is appreciated.
💡What we offer
- An international community bringing together more than 110 different nationalities, with a strong presence in Switzerland and Europe.
- An environment where trust is central: 70% of our key leaders started their careers at the first level of responsibility.
- A solid training system with our internal Academy and more than 250 modules available, tailored to Swiss industrial challenges.
- Strong commitments in CSR, notably through our WeCare Together programme.
Amaris Consulting promotes equal opportunities. We are committed to bringing together talents from diverse backgrounds and creating an inclusive work environment. In this spirit, we welcome applications from all qualified candidates regardless of gender, sexual orientation, race, ethnicity, beliefs, age, marital status, disability or other characteristics.
Who are we?
Amaris Consulting is an independent consulting and technology company serving businesses. With over 1000 clients worldwide, we have been deploying solutions for major projects for more than a decade – all made possible by an international team of 7,600 talents across 5 continents and more than 60 countries. Our solutions focus on four different business areas: Information systems and digital, telecommunications, life sciences and engineering. We aim to create and develop a talent community where all team members can realise their full potential. Amaris is your "stepping stone" to cross the rivers of change, to meet challenges and to successfully complete all your projects.At Amaris, we are committed to offering our candidates the best possible recruitment experience. We seek to get to know and understand our candidates better, to challenge them and to share our impressions as quickly as possible. Here is what our recruitment process looks like:
First contact: Our process usually starts with a brief virtual/telephone conversation to learn more about you! The goal? To get to know you, understand your motivations and ensure we offer you the position that best suits you!
Interviews (on average, the number of interviews is 3 – but this may vary depending on the seniority level required for the position). During the interviews, you will meet members of our team: your future manager of course, but also others you will work with. These interviews will allow us to learn more about you, your experience and skills, but also about the role and what will be expected of you. Of course, you will also get to know Amaris: our culture, our history, our teams and your career opportunities!
Case study: Depending on the position, you may be asked to take a test. This could be a role play, a technical assessment, a problem-solving scenario, etc.
As you know, every person is different and so is every role in a company. That is why we must adapt accordingly, so the process can sometimes be somewhat different for each candidate. That said, we always put ourselves in the candidate's shoes to offer the best possible experience. We look forward to meeting you!