Information Security: Senior Monitoring Engineer

TradingView
Full-time, Málaga, Spain

📍 Job Overview

  • Job Title: Information Security: Senior Monitoring Engineer
  • Company: TradingView
  • Location: Málaga, Andalusia, Spain
  • Job Type: Full-Time (Hybrid)
  • Category: Cybersecurity, Monitoring Engineer
  • Date Posted: 2025-07-01
  • Experience Level: 5-10 years

🚀 Role Summary

  • Design and implement SIEM infrastructure for cloud and on-prem environments
  • Develop, test, and deploy correlation rules mapped to MITRE ATT&CK
  • Support incident response and improve detections based on post-incident reviews
  • Collaborate with InfoSec, DevOps, and IT teams to ensure log coverage and high-fidelity detections
  • Prepare SIEM for future integration with SOAR and document alert outputs and workflows

📝 Enhancement Note: This role requires a strong background in security engineering and monitoring, with a focus on SIEM platforms, log parsing, and detection engineering. Familiarity with MITRE ATT&CK and alert tuning is also crucial for success in this position.

💻 Primary Responsibilities

  • SIEM Architecture & Deployment

    • Assist in evaluating and selecting the right SIEM platform
    • Design and implement SIEM infrastructure (on-prem or cloud)
    • Define log onboarding strategy and scalable architecture
  • Log Parsing & Onboarding

    • Work with infrastructure and application teams to collect logs from various sources
    • Build parsers and normalization rules to structure incoming log data
    • Ensure completeness, consistency, and health of log pipelines
  • Detection Engineering

    • Develop, test, and deploy correlation rules mapped to MITRE ATT&CK
    • Create alerting logic to detect suspicious behaviors, misconfigurations, or compromise
    • Fine-tune rules to reduce false positives and align with business context
  • Incident Response Support

    • Assist in investigating security incidents using SIEM and other tools
    • Provide visibility and context to the InfoSec team during incident analysis
    • Improve detections and logging based on post-incident reviews
  • Content & Dashboarding

    • Build dashboards and visualizations for monitoring key security events
    • Create custom searches and scheduled reports for internal teams
  • SOAR & Automation Readiness

    • Prepare SIEM for future integration with SOAR
    • Document alert outputs and workflows to support automation
  • Collaboration

    • Work with InfoSec, DevOps, and IT teams to ensure log coverage and high-fidelity detections
    • Provide recommendations to improve monitoring and visibility across environments

📝 Enhancement Note: This role requires a high level of technical expertise and the ability to work independently in a small team with broad responsibility. Strong communication skills and the ability to collaborate effectively with various teams are essential for success in this position.

🎓 Skills & Qualifications

Education: A bachelor's degree in Computer Science, Cybersecurity, or a related field is preferred. Relevant certifications such as GCFA, CPIA, or platform-specific certs (Splunk, Elastic, etc.) are also valuable.

Experience: Candidates should have 3-5+ years of experience in security engineering or monitoring roles, with strong hands-on experience designing or operating a SIEM (any major platform: Splunk, Elastic, Sentinel, QRadar, etc.). Proficiency in log parsing, normalization, and custom rule development is required.

Required Skills:

  • Strong hands-on experience designing or operating a SIEM
  • Proficient in log parsing, normalization, and custom rule development
  • Comfortable working with AWS, GCP, Kubernetes, Docker, and Linux log sources
  • Solid scripting ability (Python, Bash, PowerShell, or similar)
  • Familiar with MITRE ATT&CK, detection logic design, and alert tuning
  • Able to work independently in a small team with broad responsibility

Preferred Skills:

  • Experience in early-stage security team setup or greenfield projects
  • Exposure to SOAR platforms and security automation concepts
  • Knowledge of TradingView or finance experience

📝 Enhancement Note: While not required, certifications and experience in early-stage security team setup or greenfield projects can provide a significant advantage in this role. Familiarity with TradingView or finance experience is also beneficial but not necessary.

📊 Web Portfolio & Project Requirements

Portfolio Essentials:

  • A comprehensive portfolio showcasing previous SIEM implementations, log parsing projects, and detection rule development
  • Case studies demonstrating incident response support and post-incident review improvements
  • Examples of custom dashboards and visualizations created for internal teams

Technical Documentation:

  • Detailed documentation of SIEM architecture and deployment strategies
  • Log onboarding strategies and scalable architecture designs
  • Detection rule development processes and MITRE ATT&CK mapping
  • Incident response support processes and post-incident review improvements
  • Custom dashboard and visualization creation processes

📝 Enhancement Note: A well-structured portfolio that demonstrates the candidate's ability to design, implement, and maintain SIEM infrastructure, as well as develop and tune detection rules, is crucial for success in this role. The portfolio should also showcase the candidate's ability to support incident response and improve monitoring and visibility across environments.

💵 Compensation & Benefits

Salary Range: €45,000 - €65,000 per year (based on market research for senior security engineering roles in Málaga, Spain)

Benefits:

  • Permanent Contract
  • Flexible Working Hours
  • Hybrid Work Policy
  • Relocation Package (for international candidates)
  • Private Health Insurance
  • Performance Bonus
  • Ongoing Training and Growth Opportunities
  • Premium TradingView Subscription
  • Annual Team Events
  • Comfortable, well-equipped workspace with exclusive perks (gym, etc.)

📝 Enhancement Note: The salary range provided is an estimate based on market research for senior security engineering roles in Málaga, Spain. The actual salary may vary depending on the candidate's experience, skills, and the company's internal compensation structure. TradingView offers a competitive benefits package, including flexible working hours, a hybrid work policy, and ongoing training and growth opportunities.

🎯 Team & Company Context

🏢 Company Culture

Industry: TradingView operates in the finance industry, focusing on empowering millions of people to achieve success through financial markets.

Company Size: TradingView has a global team of over 500 professionals from 40+ different nationalities, speaking nearly 20 languages across its global offices in London, New York, Málaga, and Tbilisi. This size allows for a diverse and inclusive workplace with ample opportunities for collaboration and growth.

Founded: TradingView was founded in 2011 in New York and London, with a mission to empower millions of people to achieve success through financial markets.

Team Structure:

  • TradingView fosters a collaborative environment, with a strong focus on cross-functional teamwork between developers, designers, and stakeholders
  • The security team works closely with InfoSec, DevOps, and IT teams to ensure log coverage and high-fidelity detections
  • The company encourages a culture of continuous learning and innovation, with a strong emphasis on emerging technology adoption

Development Methodology:

  • TradingView follows Agile methodologies, with a focus on iterative development and continuous improvement
  • The company emphasizes code review, testing, and quality assurance practices to ensure high-quality products
  • TradingView uses CI/CD pipelines and automated deployment strategies to streamline the development process

Company Website: TradingView

📝 Enhancement Note: TradingView's global presence and diverse team provide ample opportunities for collaboration and growth within the company. The company's focus on innovation and emerging technology adoption creates an environment where senior monitoring engineers can make a significant impact on the financial world.

📈 Career & Growth Analysis

Web Technology Career Level: Senior Monitoring Engineer roles require a high level of technical expertise and the ability to work independently in a small team with broad responsibility. In this role, you will design and implement SIEM infrastructure, assist in log onboarding, and develop detection rules. You will also support incident response and collaborate with various teams to enhance security monitoring.

Reporting Structure: Senior Monitoring Engineers typically report directly to the Head of Information Security or a similar role within the organization. They may also work closely with other security team members, as well as InfoSec, DevOps, and IT teams.

Technical Impact: Senior Monitoring Engineers play a crucial role in detecting and responding to security threats, ensuring the security and integrity of TradingView's platforms. Their work directly impacts the user experience and the overall security posture of the company.

Growth Opportunities:

  • Technical Growth: Senior Monitoring Engineers can advance to roles such as Principal Monitoring Engineer, Security Architect, or even Chief Information Security Officer (CISO) as they gain experience and demonstrate their ability to lead and mentor other team members.
  • Team Leadership: As TradingView continues to grow, there will be opportunities for Senior Monitoring Engineers to take on leadership roles within the security team, managing other engineers and driving the team's technical direction.
  • Emerging Technologies: TradingView's focus on innovation and emerging technology adoption creates opportunities for Senior Monitoring Engineers to gain experience with cutting-edge security tools and platforms, further enhancing their skills and career prospects.

📝 Enhancement Note: TradingView offers significant growth opportunities for Senior Monitoring Engineers, with a clear path to technical leadership roles and exposure to emerging technologies. The company's global presence and diverse team provide ample opportunities for collaboration and growth within the organization.

🌐 Work Environment

Office Type: TradingView's Málaga office is located in the heart of the city at the prestigious Muelle Uno port, providing a modern and collaborative workspace for its employees.

Office Location(s): TradingView's main offices are located in London, New York, Málaga, and Tbilisi. The Málaga office is situated in the heart of the city, offering easy access to public transportation and local amenities.

Workspace Context:

  • TradingView's offices are designed to foster collaboration and innovation, with open-plan workspaces, meeting rooms, and breakout areas
  • The company provides comfortable, ergonomic workstations, multiple monitors, and testing devices to support its employees' productivity
  • TradingView encourages a flexible work environment, with options for remote work and hybrid arrangements to accommodate individual preferences and needs

Work Schedule: TradingView offers flexible working hours, allowing employees to start their day when it suits them best within a wide range of entry hours. The company also offers a hybrid work policy, combining remote and office work to provide a balanced work-life experience.

📝 Enhancement Note: TradingView's modern and collaborative work environment, along with its flexible work arrangements, creates an ideal setting for Senior Monitoring Engineers to thrive and make a significant impact on the company's security posture.

📄 Application & Technical Interview Process

Interview Process:

  • Technical Phone Screen: A brief phone call to assess the candidate's technical background and fit for the role (30-45 minutes)
  • Technical Deep Dive: A comprehensive technical interview focused on the candidate's SIEM experience, log parsing, detection rule development, and incident response support (60-90 minutes)
  • Behavioral & Cultural Fit: An interview focused on the candidate's problem-solving skills, communication, and cultural fit within the TradingView team (30-45 minutes)
  • Final Decision: A final discussion with the hiring manager and other stakeholders to make a hiring decision (30-45 minutes)

Portfolio Review Tips:

  • Highlight previous SIEM implementations, log parsing projects, and detection rule development in your portfolio
  • Include case studies demonstrating incident response support and post-incident review improvements
  • Showcase custom dashboards and visualizations created for internal teams, emphasizing your ability to monitor key security events and provide actionable insights

Technical Challenge Preparation:

  • Brush up on your SIEM platform knowledge (Splunk, Elastic, Sentinel, QRadar, etc.)
  • Review MITRE ATT&CK framework and familiarize yourself with detection logic design and alert tuning principles
  • Practice incident response scenarios and post-incident review processes to demonstrate your ability to support security incidents and improve monitoring

ATS Keywords: (Organized by category)

  • Programming Languages: Python, Bash, PowerShell, SQL, JavaScript
  • Web Frameworks: N/A (not applicable to this role)
  • Server Technologies: AWS, GCP, Kubernetes, Docker, Linux
  • Databases: N/A (not applicable to this role)
  • Tools: SIEM (Splunk, Elastic, Sentinel, QRadar, etc.), Logstash, Kibana, Grafana, AWS CloudWatch, GCP Cloud Logging, Prometheus, ELK Stack
  • Methodologies: Agile, Scrum, CI/CD, DevOps, ITIL
  • Soft Skills: Problem-solving, communication, collaboration, teamwork, leadership, mentoring
  • Industry Terms: SIEM, SOC, SOC 2, NIST, CIS, MITRE ATT&CK, incident response, log parsing, detection engineering, alert tuning

📝 Enhancement Note: TradingView's interview process is designed to assess the candidate's technical expertise, problem-solving skills, and cultural fit within the organization. By preparing for the technical deep dive and behavioral & cultural fit interviews, candidates can demonstrate their ability to thrive in TradingView's collaborative and innovative work environment.

🛠 Technology Stack & Web Infrastructure

SIEM Platforms:

  • Splunk, Elastic, Sentinel, QRadar, or other major SIEM platforms
  • TradingView uses a combination of on-prem and cloud-based SIEM solutions to monitor its global infrastructure

Log Sources:

  • AWS CloudWatch, GCP Cloud Logging, and other cloud-based log sources
  • Kubernetes, Docker, and Linux system logs
  • Application logs from TradingView's web and mobile platforms

Monitoring Tools:

  • Logstash for log collection, processing, and shipping
  • Kibana and Grafana for data visualization and dashboarding
  • Prometheus for monitoring and alerting

Incident Response Tools:

  • TradingView uses a combination of SIEM, threat intelligence feeds, and other security tools to support incident response and remediation

📝 Enhancement Note: TradingView's technology stack includes a combination of on-prem and cloud-based SIEM solutions, log sources, and monitoring tools. Familiarity with these technologies and the ability to work with diverse log sources are crucial for success in the Senior Monitoring Engineer role.

👥 Team Culture & Values

Security Values:

  • TradingView prioritizes security and privacy, with a strong focus on protecting its users and their data
  • The company encourages a culture of continuous learning and innovation, with a strong emphasis on emerging technology adoption
  • TradingView fosters a collaborative environment, with a strong focus on cross-functional teamwork between developers, designers, and stakeholders

Collaboration Style:

  • TradingView encourages a culture of open communication and knowledge sharing, with regular team meetings and one-on-one check-ins
  • The company uses Agile methodologies to facilitate collaboration and iterative development
  • TradingView's security team works closely with InfoSec, DevOps, and IT teams to ensure log coverage and high-fidelity detections

📝 Enhancement Note: TradingView's security values and collaboration style create an environment where Senior Monitoring Engineers can thrive and make a significant impact on the company's security posture. The company's focus on continuous learning and innovation provides ample opportunities for growth and professional development.

🌐 Challenges & Growth Opportunities

Technical Challenges:

  • SIEM Architecture & Deployment: Designing and implementing SIEM infrastructure for cloud and on-prem environments can be complex and time-consuming, requiring a deep understanding of the organization's infrastructure and security requirements.
  • Log Parsing & Onboarding: Working with diverse log sources and ensuring the completeness, consistency, and health of log pipelines can be challenging, requiring strong technical skills and attention to detail.
  • Detection Engineering: Developing, testing, and deploying correlation rules mapped to MITRE ATT&CK can be complex and time-consuming, requiring a deep understanding of the MITRE ATT&CK framework and detection logic design principles.
  • Incident Response Support: Supporting incident response and improving detections based on post-incident reviews can be challenging, requiring strong problem-solving skills and the ability to work effectively under pressure.

Learning & Development Opportunities:

  • Technical Growth: Senior Monitoring Engineers can advance their careers by gaining experience with emerging security technologies, attending industry conferences, and obtaining relevant certifications.
  • Team Leadership: As TradingView continues to grow, there will be opportunities for Senior Monitoring Engineers to take on leadership roles within the security team, managing other engineers and driving the team's technical direction.
  • Emerging Technologies: TradingView's focus on innovation and emerging technology adoption creates opportunities for Senior Monitoring Engineers to gain experience with cutting-edge security tools and platforms, further enhancing their skills and career prospects.

📝 Enhancement Note: TradingView offers significant technical challenges and growth opportunities for Senior Monitoring Engineers. By embracing these challenges and pursuing continuous learning and development, candidates can enhance their skills and advance their careers within the organization.

💡 Interview Preparation

Technical Questions:

  • SIEM Architecture & Deployment: Describe your experience designing and implementing SIEM infrastructure for cloud and on-prem environments. How do you approach log onboarding and scalable architecture design?
  • Log Parsing & Onboarding: Walk us through your process for working with diverse log sources and ensuring the completeness, consistency, and health of log pipelines. How do you approach log parsing and normalization?
  • Detection Engineering: Explain your experience developing, testing, and deploying correlation rules mapped to MITRE ATT&CK. How do you approach alert tuning and false positive reduction?
  • Incident Response Support: Describe your experience supporting incident response and improving detections based on post-incident reviews. How do you approach incident response scenarios and post-incident review processes?

Company & Culture Questions:

  • Company Culture: How do you see yourself contributing to TradingView's culture of continuous learning and innovation? How do you approach collaboration and knowledge sharing within a team?
  • Technical Challenges: How do you approach technical challenges and growth opportunities in a fast-paced, innovative environment like TradingView? Can you provide an example of a challenging project you've worked on and how you overcame any obstacles?
  • User Impact: How do you ensure that your work aligns with TradingView's mission to empower millions of people to achieve success through financial markets? How do you approach user experience and user impact measurement in your role?

Portfolio Presentation Strategy:

  • SIEM Architecture & Deployment: Highlight your experience designing and implementing SIEM infrastructure for cloud and on-prem environments. Include visual representations of your architecture designs and log onboarding strategies.
  • Log Parsing & Onboarding: Showcase your log parsing and normalization skills by providing examples of complex log sources and the processes you've used to ensure the completeness, consistency, and health of log pipelines.
  • Detection Engineering: Demonstrate your detection rule development skills by providing examples of correlation rules mapped to MITRE ATT&CK. Highlight your approach to alert tuning and false positive reduction.
  • Incident Response Support: Present case studies demonstrating your incident response support and post-incident review improvements. Include visual representations of your incident response processes and any tools or technologies you've used to support incident response and remediation.

📝 Enhancement Note: TradingView's interview process is designed to assess the candidate's technical expertise, problem-solving skills, and cultural fit within the organization. By preparing for the technical deep dive and behavioral & cultural fit interviews, candidates can demonstrate their ability to thrive in TradingView's collaborative and innovative work environment.

📌 Application Steps

To apply for this Senior Monitoring Engineer position at TradingView:

  1. Customize Your Portfolio: Highlight your SIEM architecture and deployment, log parsing, detection rule development, and incident response support projects. Include visual representations and case studies to demonstrate your skills and achievements.
  2. Optimize Your Resume: Tailor your resume to emphasize your relevant technical skills, experience, and accomplishments. Use keywords and phrases from the job description to optimize your resume for TradingView's Applicant Tracking System (ATS).
  3. Prepare for Technical Interviews: Brush up on your SIEM platform knowledge, MITRE ATT&CK framework, and detection logic design principles. Practice incident response scenarios and post-incident review processes to demonstrate your ability to support security incidents and improve monitoring.
  4. Research TradingView: Familiarize yourself with TradingView's products, services, and company culture. Understand the company's mission to empower millions of people to achieve success through financial markets and how your role contributes to this mission.
  5. Apply: Submit your application through the application link provided in the job listing. Follow the instructions carefully and provide all the required information to ensure a smooth application process.

⚠️ Important Notice: This enhanced job description includes AI-generated insights and web technology industry-standard assumptions. All details should be verified directly with the hiring organization before making application decisions.


Application Requirements

Candidates should have 3-5+ years of experience in security engineering or monitoring roles, with strong hands-on experience in SIEM platforms. Proficiency in log parsing, scripting, and familiarity with MITRE ATT&CK is also required.