Sr. Cribl Data Engineer | Remote, USA

Lensa

Brandon (MS)

Remote

USD 80,000 - 100,000

Full time

Yesterday

Job summary

A leading company is seeking a Data Engineer for their Security Operations Center. The role involves managing security systems, providing client support, and developing observability solutions. Ideal candidates will have experience with Splunk and cloud platforms, along with strong problem-solving skills.

Benefits

Work/life balance
Training resources
Volunteer opportunities
Remote work options

Qualifications

  • 2+ years managing observability platforms.
  • 1+ years as a Splunk Administrator.

Responsibilities

  • Act as a point of escalation for other engineers.
  • Document account governance processes and notify senior leadership.

Skills

Problem Solving
Communication
Flexibility

Education

Security certifications (GIAC, CISSP, etc.)

Tools

Splunk
Kafka
AWS
Azure
GCP
Jira
Confluence
ServiceNow

Job description

Lensa is the leading career site for job seekers at every stage of their career. Our client, Optiv, is seeking professionals. Apply via Lensa today!

The Data Engineer works in Optiv Security’s 24x7x365 Security Operations Center as a member of the Managed Security Services (MSS) team. The engineer will be responsible for creating procedures and implementing the software pipeline, with a focus on monitoring, platform maintenance, and security systems for client environments. Experience with observability pipelines, Splunk SIEM, and other security technologies is essential. The candidate will work closely with management, principal engineers, senior engineers, solution architects, threat analysts, and other teams and clients to deliver high-profile, critical services. They will serve as a primary responder for managed security customer systems, owning client issues through resolution.

Responsibilities include:

  1. Act as a point of escalation for other engineers, providing guidance and mentorship.
  2. Assist with client transition and onboarding, serving as the primary contact for MSS clients.
  3. Document account governance processes, generate reports, and notify senior leadership of potential SLA issues.
  4. Explain and demonstrate observability and SIEM products to both technical and non-technical personnel.
  5. Provide remote consulting to assist with implementation of various products and technologies.
  6. Implement, configure, and maintain SIEM software and appliances in enterprise and government environments.
  7. Develop, deploy, and tune SIEM content such as rules, dashboards, reports, and models.
  8. Provide Tier 1 escalation support for authorized customers, following proper processes.
  9. Lead the Splunk team by prioritizing work requests and projects.
  10. Collaborate with management and engineers to define processes and improve existing ones.
  11. Identify areas for process improvement, assist in team development, and develop training methods.
  12. Perform knowledge transfers and train clients on security and system configurations.

Qualifications:

  • 2+ years managing and maintaining observability platforms.
  • 1+ years as a Splunk Administrator.
  • 2+ years as a Cribl Administrator.
  • Expert knowledge of Splunk Enterprise Security.
  • Experience with installing and configuring Splunk CORE and Enterprise Security.
  • Ability to analyze logs from various security devices.
  • Confidence in solving complex technical problems.
  • Willingness to learn and support multiple vendor platforms.
  • Experience designing, automating, maintaining, and optimizing observability platforms.
  • Knowledge of security logging for Linux, Windows, EDRs, Firewalls, and Active Directory.
  • Experience with big data technologies like Kafka, Splunk, TSDB, etc.
  • Experience working with cloud platforms (AWS, Azure, GCP).
  • Knowledge of security industry standards and trends.
  • Experience creating custom content, dashboards, reports, and alerts.
  • Flexibility to provide on-call support as needed.
  • Experience with ticketing and knowledge base systems (Jira, Confluence, ServiceNow).
  • Security certifications (GIAC, CISSP, etc.) preferred.
  • Knowledge of Linux and Windows OS.
  • Understanding of server applications like DBMS, Exchange, DNS, etc.
  • Experience with security products such as Devo, Chronicle, EDR, etc.
  • Familiarity with DevOps practices.
  • Strong communication skills.
  • Ability to interpret instructions and solve problems involving multiple variables.

What You Can Expect From Optiv

  • Commitment to Diversity, Equity, and Inclusion.
  • Work/life balance, training resources, and opportunities for complex projects.
  • Volunteer opportunities through “Optiv Chips In”.
  • Remote work options where applicable.

EEO Statement

Optiv is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, gender identity, sexual orientation, age, marital status, genetic information, national origin, disability, military or veteran status, or other protected categories. We respect your privacy; by applying, you acknowledge our privacy practices as detailed in our Applicant Privacy Notice.
