SIEM Data Engineer

Job Location

Quincy - USA

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

Job Description for SIEM Data Engineer Position

Who we are looking for:

The Cyber Data & Analytics team is looking for a SIEM Data Engineer. The Cyber Data & Analytics team delivers models, insights and tooling to help Cybersecurity teams make faster, more informed decisions as we work to secure clients' digital footprint. As a SIEM Data Engineer, you will be responsible for designing, implementing and maintaining solutions that enhance data visibility, transform data and improve overall data quality, in collaboration with data product managers, architects, engineers and other team members, to deliver SIEM & analytics functions that support our mission to build predictive models and intelligent systems that help secure information and infrastructure.

What you will be responsible for:

Onboard cloud-native security logs (AWS, Azure, OCI), infrastructure and business application security logs to the Splunk/SIEM platform using Cribl Stream and various agents like Splunk UF, Grafana, OpenTelemetry, Fluentbit/Fluentd. For this you must:

  • Collaborate with cross-functional teams to understand data integration requirements and design solutions using Cribl Stream and Splunk Enterprise.
  • Configure and customize Cribl Stream to efficiently route, filter & transform data streams from various infrastructure applications and public cloud services.
  • Onboard multi-cloud native data sources into the SIEM using Cribl & various integration strategies, highlighting the key trends of the data and data flows.
  • Resolve technical issues and help implement strategies and solutions to reduce the likelihood of recurrence.

Education & Preferred Qualifications

Minimum Qualifications

  • Primary skillsets required are: Splunk data administration, Cribl Stream, GitOps (Cribl code deployed using GitOps), Confluence/Jira
  • Minimum 6 years of platform engineering with DevOps experience, with a minimum of a bachelor's degree in Computer Science or Engineering.
  • 5 years of experience with log onboarding to logging platforms to support SIEM and Observability
  • 2 years of data pipeline platform implementation experience using tools like Splunk, Cribl, Fluentbit/Fluentd &
  • Practical experience with Data Engineering for CIM compliance
  • A deep understanding of CI/CD tools and a strong desire to help teams release frequently to production, with a focus on creating reliable, high-quality results.
  • Strong GitOps experience
  • Must have Splunk data and platform administration experience

Preferred Experience

  • Splunk certifications (e.g. Splunk Certified Architect or Splunk Certified Consultant).
  • CRIBL certifications (e.g. Cribl Certified Observability Engineer)
  • Experienced in administering Splunk Enterprise security

Employment Type

Full-time
