Conexess Group is a technology company focused on transforming financial services for community banks and credit unions. They are seeking a Staff Security Logging Engineer who will be responsible for designing and implementing enterprise logging and data solutions, ensuring optimal configurations, and collaborating with incident response teams to manage security data effectively.
Responsibilities:
- Design and implement enterprise logging and data solutions
- Identify suboptimal configurations and define resolution strategies for enterprise logging and data platforms
- Ensure license, ingest, and cost prevention strategies are developed and applied to all applicable platforms
- Assist with developing platform roadmaps and lifecycle strategies
- Pipeline Architecture: Design, build, and maintain scalable data pipelines to ingest, parse, and normalize security telemetry from diverse sources (Cloud, Endpoint, Network, Identity)
- Data Lifecycle Management: Implement data retention, archiving, and tiering strategies to balance compliance requirements with storage costs
- Health & Performance Monitoring: Develop dashboards and alerts to monitor the latency, throughput, and 'heartbeat' of log sources to ensure zero data loss
- Stakeholder Collaboration: Partner with Incident Response (IR) and Detection Engineering teams to ensure they have the right data, in the right format, at the right time
- Contributes to threat prevention by researching, recommending, developing, and implementing changes to security tools across host, network, and cloud environments
- Provides complex troubleshooting and support for cybersecurity-related issues
- Leads and completes assigned cybersecurity-related projects
- Develops and implements standards to apply cybersecurity controls consistent with approved policies
- Leads documentation and process improvement efforts
- Resolves escalated security cases
- Provides assistance and guidance to less experienced team members
- Performs other duties as assigned
Requirements:
- Minimum of nine years' experience in security data observability and management supporting security operations center (SOC) teams or similar
- Certified Cribl Engineer (equivalent enterprise experience will be considered)
- Minimum two years' experience as a Cribl administrator/engineer
- Demonstrable experience with Splunk at an engineering level
- Demonstrable experience with major SIEM/SOAR platforms
- At least one professional-level cybersecurity data management certification, or similar
- Experience in highly regulated environments, or knowledge of PCI-DSS, HIPAA, or GDPR mandates