Technical Support Engineer
We are seeking a Technical Support Engineer with deep knowledge in SIEM technologies and cybersecurity practices to join our world-class support team. In this role, you will work closely with customers to troubleshoot complex issues involving security analytics, threat detection, log management, and compliance using the Sumo Logic platform.You will become a trusted advisor to our customers, helping them leverage the full power of Sumo Logic’s security suite. The ideal candidate will bring strong technical expertise, a problem-solving mindset, and a passion for improving security outcomes for customers.
Key Responsibilities
- Act as a primary technical contact for customer support cases related to SIEM, security analytics, log ingestion, and threat detection.
- Diagnose and resolve product issues, particularly those involving security data sources (e.g., firewall logs, endpoint logs, threat intel feeds) and Sumo Logic’s Cloud SIEM capabilities.
- Guide customers in parsing, normalizing, and analyzing security data using Sumo Logic's tools and query languages (e.g., Search Processing Language).
- Collaborate with engineering and product teams to reproduce and escalate product defects, offering insights based on customer environments and use cases.
- Contribute to and improve internal and external knowledge base articles, especially on security best practices, data onboarding, and use-case implementation.
- Provide after-hours support (on a rotating basis) to ensure 24/7 availability for priority incidents.
Required Qualifications
- 3–5 years of experience in technical support, SOC operations, or a related role with a focus on SIEM or security analytics.
- Hands-on experience with Sumo Logic or other SIEM platforms (e.g., Splunk, QRadar, LogRhythm, Sentinel).
- Strong understanding of cybersecurity principles, threat detection methodologies, and compliance standards (e.g., NIST, MITRE ATT&CK, PCI DSS).
- Experience with log collection and analysis from sources such as firewalls, IDS/IPS, antivirus, and cloud platforms (AWS, Azure, GCP).
- Proficiency with search/query languages, scripting (Python, Bash), and regular expressions.
- Excellent troubleshooting skills and customer service orientation.
- Strong written and verbal communication skills.
Preferred Qualifications
- Security certifications such as Security+, SSCP, GSEC, CEH, or Splunk/Sumo Logic certifications.
- Experience in cloud-native security architectures.
- Familiarity with JSON, REST APIs, and log forwarding mechanisms (e.g., Syslog, Fluentd).
Background in DevSecOps or experience integrating SIEM tools into CI/CD pipelines is a plus.
Join us at Sumo Logic and contribute to our mission of revolutionizing technical support in the digital business world, with a particular focus on logging, SIEM, and cloud technologies.
- Work with cutting-edge cloud-native technology used by security professionals globally.
- Join a high-performing team of technical experts and security enthusiasts.
- Competitive compensation and benefits.
- Opportunities for professional growth and certification.
About Us
Sumo Logic, Inc. empowers the people who power modern, digital business. Sumo Logic enables customers to deliver reliable and secure cloud-native applications through its Sumo Logic SaaS Analytics Log Platform, which helps practitioners and developers ensure application reliability, secure and protect against modern security threats, and gain insights into their cloud infrastructures. Customers worldwide rely on Sumo Logic to get powerful real-time analytics and insights across observability and security solutions for their cloud-native applications.
For more information, visit www.sumologic.com.Sumo Logic Privacy Policy. Employees will be responsible for complying with applicable federal privacy laws and regulations, as well as organizational policies related to data protection.
