Job Details
We are seeking a mid-level Security Observability Engineer who will own the design, implementation, and maintenance of the security telemetry pipelines that customer detection, response, and reporting functions depend on. Working closely with customer platform and security engineering peers, you will onboard log sources, engineer data pipelines, stand up SIEM and security data platforms, and build the dashboards and reporting surfaces that make posture and coverage visible. This position is based in our SF office on a hybrid schedule; candidates outside the Bay Area who are willing to travel regularly are also encouraged to apply.
RESPONSIBILITIES
- Design, deploy, and maintain log source integrations across identity (Okta, Azure AD), cloud (AWS, GCP, Azure), endpoint (CrowdStrike, SentinelOne), SaaS (Google Workspace, GitHub, Salesforce), and network layers.
- Perform telemetry gap analyses against customer environments and detection requirements to identify coverage blind spots.
- Normalize, parse, and enrich security telemetry so downstream detection, hunting, and analytics workflows receive reliable data.
- Deploy and configure SIEM and security data platforms (Panther, Microsoft Sentinel, Splunk) and the data stores behind them (Snowflake or other cloud data platforms).
- Apply infrastructure-as-code practices (Terraform, CloudFormation, Pulumi) to SIEM configuration, connector management, and the data pipeline lifecycle.
- Build dashboards, metrics, and reporting surfaces that give customers clear visibility into security posture, telemetry coverage, and operational health.
- Manage retention, tiering, and cost for security data in cloud-native architectures.
- Write and maintain documentation, runbooks, and architecture decision records (ADRs) for pipelines, integrations, and platform configurations.
QUALIFICATIONS
- 3 to 5 years of experience in security observability, detection engineering, security data engineering, or a related technical role.
- Hands-on experience onboarding log sources and building telemetry pipelines into at least one major SIEM or security data platform.
- Working proficiency in one or more query languages: SQL, KQL, SPL, CQL, PantherFlow, or SnowSQL.
- Familiarity with log sources and security telemetry across endpoint, identity, cloud, SaaS, and network layers.
- Proficiency in Python or a similar scripting language for automation, tooling, and integration work.
- Solid understanding of modern cloud architectures (containers, Kubernetes, serverless, microservices, APIs) and how telemetry flows through them.
- Excellent communication skills, with the ability to translate pipeline architecture and coverage status into actionable recommendations for customer platform and security teams.
- Must be located in the SF Bay Area or willing to travel to our San Francisco office on a regular cadence.
NICE TO HAVE
- Relevant certifications such as CCSK, CCSP, AWS Security Specialty, or GCDA.
- Experience with Snowflake or other cloud data platforms in a security analytics context.
- Hands-on experience with CSPM/CNAPP platforms (Wiz, Orca, Prisma Cloud, Lacework).
- Background in data engineering, platform engineering, or SRE prior to security.