Security Engineer

Posted Today by 1763793205

Negotiable | Outside IR35 | Remote | USA

Summary: The Security Engineer owns the complete lifecycle of security logs: ingestion, optimization, and analysis. The ideal candidate has a strong background in security data engineering and SIEM management, specifically Google SecOps as the SIEM and CRIBL as the log observability pipeline. The position requires onsite travel for orientation on the start date, after which it is fully remote. The candidate will also automate validation and troubleshooting with Python and vendor APIs, and collaborate with internal and external stakeholders to improve security operations.

Key Responsibilities:

  • Manage SIEM platforms and log observability pipelines.
  • Oversee the end-to-end log data lifecycle, including onboarding new log sources and developing parsers.
  • Perform data validation and gap analysis to identify missing logs.
  • Implement log reduction and filtering strategies to optimize data flow and storage costs.
  • Utilize Python scripting and vendor APIs for automation of log validation and troubleshooting tasks.
  • Build dashboards for security operations and set up alerts based on log volume changes or security events.
  • Coordinate with external agencies and internal teams for log onboarding.
  • Gather requirements from stakeholders to enhance detection capabilities.
  • Research and track new features from Google SecOps and CRIBL for continuous improvement.

Key Skills:

  • Proficiency in managing Google SecOps as the SIEM and CRIBL as the log observability pipeline.
  • Experience in log lifecycle management and developing parsers.
  • Strong skills in Python scripting and using vendor APIs.
  • Ability to build effective dashboards and set up alerts.
  • Excellent communication and coordination skills.
  • Proactive mindset for continuous improvement and research.

Salary (Rate): undetermined

City: undetermined

Country: USA

Working Arrangements: remote

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

We're seeking a Security Engineer for our direct client. Please review the job description below and reply with your interest.

Job Details:

Job Title: Security Engineer

Duration: 9-12 Months

REMOTE (Columbus, OH)

Note: On the start date, the candidate is required to travel to the onsite location at their own expense to attend orientation, collect their access badge, and laptop. Following this initial onboarding, the position will transition to fully remote.

Job Summary

We are seeking a candidate with a strong background in security data engineering and SIEM management. The ideal candidate will be responsible for the complete lifecycle of our security logs, from ingestion to optimization and analysis.

Core Technical Skills

  • SIEM & Log Management: Deep proficiency in managing SIEM platforms, specifically Google SecOps (formerly Chronicle), and log observability pipelines, with hands-on experience in CRIBL.
  • Log Lifecycle Management: Demonstrated experience in the end-to-end log data lifecycle, including:
    • Onboarding new log sources.
    • Developing and maintaining parsers (e.g., Regex) for unparsed data.
    • Performing data validation and gap analysis to identify missing logs.
    • Implementing log reduction and filtering strategies to optimize data flow and storage costs (hot/cold storage management).
  • Automation & Scripting: Proficiency in Python scripting and utilizing vendor APIs to automate log validation, troubleshooting tasks, and data queries.
  • Data Visualization & Alerting: Proven ability to build effective dashboards for security operations and monitoring, as well as set up critical alerts based on log volume changes or security events.
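The lifecycle tasks listed above, shown as one small Python script: regex parsing of raw lines into fields with unparsed lines kept aside, gap analysis against an inventory of sources that should be logging, an alert when a source's volume drops against its baseline, and a filtering rule that drops low-value events and reports the reduction ratio. This is an added illustration, not code from the employer, Google SecOps or CRIBL; the log lines, source inventory, baseline counts, the `dc-01` host and the 50% drop threshold are all constructed for the example.

```python
import re
from collections import Counter

# Constructed sample input: syslog-style lines from two sources, plus one
# malformed line that no parser should silently accept.
SAMPLE_LOGS = """\
2024-05-01T10:00:01Z fw-edge-01 deny src=10.1.1.5 dst=8.8.8.8 proto=udp dport=53
2024-05-01T10:00:02Z fw-edge-01 allow src=10.1.1.6 dst=10.2.0.4 proto=tcp dport=443
2024-05-01T10:00:03Z vpn-gw-01 login user=alice result=success
2024-05-01T10:00:04Z fw-edge-01 allow src=10.1.1.7 dst=10.2.0.4 proto=tcp dport=443
2024-05-01T10:00:05Z vpn-gw-01 login user=bob result=failure
this line is garbage and must land in the unparsed bucket
"""

# Constructed source inventory: dc-01 is expected to log but sends nothing here.
EXPECTED_SOURCES = {"fw-edge-01", "vpn-gw-01", "dc-01"}

# Constructed per-source baseline (events per window) from an earlier period.
BASELINE_VOLUME = {"fw-edge-01": 4, "vpn-gw-01": 2, "dc-01": 10}

# Strict timestamp anchor so free text cannot masquerade as an event.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z)\s+"
    r"(?P<host>\S+)\s+(?P<action>\S+)(?:\s+(?P<kv>.*))?$"
)
KV_RE = re.compile(r"(\w+)=(\S+)")


def parse_line(line):
    """Return a dict of fields, or None if the line does not match the format."""
    m = LINE_RE.match(line)
    if not m:
        return None
    fields = dict(KV_RE.findall(m.group("kv") or ""))
    return {"ts": m.group("ts"), "host": m.group("host"),
            "action": m.group("action"), **fields}


def parse_logs(text):
    """Split raw text into parsed events and the raw lines that failed to parse."""
    events, unparsed = [], []
    for line in text.splitlines():
        if not line.strip():
            continue
        ev = parse_line(line)
        if ev is None:
            unparsed.append(line)   # surfaced for parser work, never dropped quietly
        else:
            events.append(ev)
    return events, unparsed


def gap_analysis(events, expected_sources):
    """Count events per source and list inventory sources that sent nothing."""
    seen = Counter(e["host"] for e in events)
    missing = sorted(expected_sources - set(seen))
    return seen, missing


def volume_alerts(current, baseline, drop_threshold=0.5):
    """Flag sources whose volume fell below drop_threshold of their baseline.
    A source in the baseline but absent now counts as 0, so a silent source
    always alerts."""
    alerts = []
    for host, base in baseline.items():
        cur = current.get(host, 0)
        if base > 0 and cur < base * drop_threshold:
            alerts.append((host, base, cur))
    return alerts


def reduce_events(events, drop_rules):
    """Drop events matching any rule; return kept events and the reduction ratio."""
    kept = [e for e in events if not any(rule(e) for rule in drop_rules)]
    ratio = 1 - len(kept) / len(events) if events else 0.0
    return kept, round(ratio, 3)


# Example reduction rule (constructed): permitted firewall flows are high volume
# and low value for detection here, so drop them while keeping every deny.
DROP_RULES = [lambda e: e["host"].startswith("fw-") and e["action"] == "allow"]


def run(text=SAMPLE_LOGS):
    """Run the whole pipeline over one batch and return a summary dict."""
    events, unparsed = parse_logs(text)
    seen, missing = gap_analysis(events, EXPECTED_SOURCES)
    alerts = volume_alerts(seen, BASELINE_VOLUME)
    kept, ratio = reduce_events(events, DROP_RULES)
    return {"parsed": len(events), "unparsed": unparsed, "volume": dict(seen),
            "missing_sources": missing, "alerts": alerts,
            "kept": len(kept), "reduction": ratio}


if __name__ == "__main__":
    for key, value in run().items():
        print(f"{key}: {value}")
```

Two design points carry over to a real pipeline: unparsed lines are counted and kept rather than discarded, because a rising unparsed count is itself the signal that a vendor changed its format; and the volume check compares against a per-source baseline rather than a global total, since one noisy firewall can hide a domain controller that has gone silent.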

Collaboration & Strategy

  • Stakeholder Management: Excellent communication and coordination skills to work effectively with external agencies for log onboarding and internal teams, such as the Security Incident Response Team (SIRT).
  • Requirements Gathering: Ability to collaborate closely with SIRT and other stakeholders to gather feedback, identify operational needs (missing data, parser improvements), and enhance detection capabilities.
  • Continuous Improvement: A proactive mindset to research and track new features and releases from Google SecOps and CRIBL, assessing their potential impact and identifying opportunities for implementation.