SIEM Cyber security Engineer

Role name : Engineer Role Description : Job Description for SIEM Data Engineer Position Who we are looking for : Cyber Data & Analytics team is looking for a SIEM Data Engineer. The Cyber Data & Analytics team delivers models, insights, and tooling to help Cybersecurity teams make faster, more informed decisions as we work to secure State Street's digital footprint. As a SIEM Data Engineer, you will be responsible for designing, implementing, and maintaining solutions that enhance data visibility, transform data, and improve overall data quality in collaboration with data product managers, architects, engineers, and other team members to deliver SIEM & analytics functions that support our mission to build predictive models and intelligent systems that help secure State Street's information and infrastructure. What you will be responsible for : Onboard cloud-native security logs (AWS, Azure , OCI), Infrastructure and business application security logs to Splunk / SIEM platform using Cribl Stream and various agents like Splunk UF, Grafana, Opentelemetry, Fluentbit / Fluentd. For this, you must

• Collaborate with cross-functional teams to understand data integration requirements and design solutions using CRIBL stream and Splunk Enterprise
• Configure and customize CRIBL stream to efficiently route, filter & transform data streams from various infrastructure, applications and public cloud services
• On-boarding multi cloud native data sources into SIEM using CRIBL & various integration strategies, highlighting the key trends of the data and data flows
• Resolving technical issues and helping implement strategies and solutions to reduce the likelihood of recurrence. Education & Preferred QualificationsMinimum Qualifications
• Primary skillsets required are : Splunk data administration, Cribl Stream, GitOps (Cribl code deployed using GitOps), Confluence / Jira
• Minimum 6+ years of platform engineering with DevOps experience with minimum bachelor's degree in Computer Science or Engineering.
• 5+ years of experience log onboarding to logging platforms to support SIEM and Observability
• 2+ years of data pipeline platform implementation experience using tools like Splunk, Cribl, Fluentbit / Fluentd & Vector.dev
• Practical experience with Data Engineering for CIM compliance
• A deep understanding of CI / CD tools and a strong desire to help teams release frequently to production with a focus on creating reliable high-quality results.
• Strong GitOps experience
• Must have Splunk data and platform administration experiencePreferred Experience
• Splunk certifications (e.g., Splunk Certified Architect or Splunk Certified Consultant).
• CRIBL certifications (e.g., Cribl Certified Observability Engineer)
• Experienced in administering Splunk Enterprise security Competencies : Cyber Security Experience (Years) : 6-8

Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.