Security Engineer (GCP / Splunk)-078065
Description
The GCP Architect will design a logging and alerting framework within Google Cloud Logging that mimics functionality within Splunk.
Responsibilities:
- Work with the Splunk architect to design the Google Cloud framework, including logging APIs, routers, sinks and logging stores.
- Perform Google Cloud Logging setup and readiness including environment configuration for Google logging landing zones, logging buckets and sinks
- Develop and document logging sources and their mapping into Cloud Logging.
- Map data sources from other technologies to Google Cloud Logging. Deliver associated documentation.
- Develop log routing configurations.
- Set up and operationalize retention policies.
- Design and configure log parsing and error management.
- Optimize and transform log formats to ensure compatibility with Google Logging’s Unified Data Model (UDM).
- Implement and validate data migration processes to avoid data loss and ensure compliance with retention policies.
- Perform the migration of historical log data from Splunk to Google Cloud Logging.
- Set up and test ingestion of logs according to pre-documented test plan.
- Ensure compatibility for firewalls, endpoint solutions, and cloud services.
- Verify and validate the completeness and accuracy of log setup and data content.
- Develop test scripts and plans, and conduct testing of event correlation workflows within logging.
- Perform gap analysis to ensure all key log sources, events, and threat signals are captured.
- Design and build custom dashboards in Google Logging to visualize key metrics and logs.
Requirements:
- Proven experience as a Cloud Architect with a strong focus on GCP.
- Expert knowledge of GCP services related to networking, security, data management, and cloud infrastructure.
- Strong understanding of best practices in cloud architecture and security (SecOps).
- Relevant certifications such as Google Professional Cloud Architect, Google Professional Cloud Network Engineer, or similar.