Serve as the primary implementer for the new SIEM solution, configuring data ingestion and tuning the platform for optimal performance
Own the security observability platform on Grafana (Loki/LogQL, Prometheus/PromQL, Grafana Alerting; OTel for collection), including onboarding sources, parsing, enrichment, and alert routing
Own the "Content Engineering" lifecycle: Write, test, and tune detection rules and queries (LogQL, PromQL, SPL, KQL, SQL, etc.) to identify malicious activity with low false-positive rates
Partner with the Engineering team to ensure the new observability platform captures the right security telemetry and logs
Serve as the primary operator for security monitoring and initial incident triage, participating in the on-call rotation
Requirements
5-7 years of total experience in Information Security or Security Operations
Proven experience transitioning from a "consumer" of alerts (Analyst) to a "builder" of detections (Engineer)
Demonstrated experience working with SIEM/observability platforms (Grafana/Loki preferred; Splunk/Elastic/Sentinel/Datadog acceptable), specifically in creating dashboards, reports, and writing complex queries
Experience working with Managed Detection and Response (MDR) providers or MSSPs is highly preferred
Background in partnering with DevOps or Engineering teams on logging or observability initiatives is a plus
Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent work experience
Industry certifications such as GCIH, GCIA, GCED, GMON, Security+, CySA+ or related are highly desirable
Tech Stack
Grafana
Prometheus
Splunk
SQL
Benefits
Employees can expect a robust benefits package, including health, dental, and 401k with company match
Find your perfect work/life balance with our Flexible Time Off policy or generous PTO plan (role dependent) and paid holidays
Up to 4 weeks paid bonding leave
Tuition reimbursement
Robust Employee Assistance Program through TotalCare offering free counseling 24/7/365, plus financial counseling, legal guidance, adoption assistance services and much more!
24/7 access to virtual medical care with Teladoc
Quarterly awards based on peer nominations
Regional discounts and perks
Opportunities to participate in charitable events and give back to the community