Principal SOC Engineer - Security Telemetry & Detection Platforms

You desire impactful work.

You're RGA ready

RGA is a purpose-driven organization working to solve today's challenges through innovation and collaboration. A Fortune 200 Company and listed among its World's Most Admired Companies, we're the only global reinsurance company to focus primarily on life- and health-related solutions. Join our multinational team of intelligent, motivated, and collaborative people, and help us make financial protection accessible to all.

Owns the architecture, engineering, and strategic direction of the security monitoring infrastructure supporting global SOC operations. Drives innovation and scalability across core platforms such as Splunk Cloud, Cribl Cloud, and CrowdStrike Falcon to enable high-fidelity detection, efficient telemetry pipelines, and rapid incident response. Operates at a highly dedicated and specialized engineering level, influencing enterprise-wide security telemetry strategy, mentoring senior engineers, and ensuring alignment with threat detection and response objectives.

Principle Duties

• Architect and lead the engineering strategy for SOC platforms, including Splunk Cloud (SIEM), Cribl Cloud (observability pipelines), and CrowdStrike Falcon (EDR / XDR), ensuring scalability, resilience, and operational efficiency.
• Influence design and enforce telemetry standards across cloud, endpoint, and network environments, ensuring comprehensive visibility and alignment with threat detection frameworks (e.g., MITRE ATT&CK).
• Engineer and optimize Cribl pipelines for secure, cost-effective, and high-performance log routing, transformation, and enrichment across multiple destinations.
• Engineer and maintain Splunk Cloud detection content with a focus on platform performance, automation, and cost efficiency to optimize correlation searches, alerting logic, and data models reducing resource consumption, improving signal quality, and streamlining operational workflows.
• Implement and govern role-based access controls (RBAC), user provisioning, and least privilege models across SOC tooling to ensure secure and auditable operations.
• Lead integration efforts between SOC platforms and broader enterprise systems (e.g., SOAR, cloud-native logging, threat intelligence feeds), driving automation and interoperability.
• Advise security leadership, security architects, and infrastructure teams on telemetry strategy, detection engineering, and platform capabilities.
• Participate in high-severity incident response efforts, providing deep technical expertise in log analysis, root cause investigation, and tooling support.
• Evaluate emerging technologies and lead proof-of-concept initiatives to enhance SOC capabilities and reduce operational friction.
• Establish and refine engineering processes, including CI / CD for detection content, observability pipeline governance, and platform health monitoring.
• Mentor senior engineers and technical leads, fostering a culture of excellence, innovation, and continuous improvement.

Education

Required Experience, Skills and Abilities

#LI-CW1

#LI-Remote

What you can expect from RGA :

Compensation Range :

$146,950.00 - $218,950.00 Annual

Base pay varies depending on job-related knowledge, skills, experience and market location. In addition, RGA provides an annual bonus plan that includes all roles and some positions are eligible for participation in our long-term equity incentive plan. RGA also maintains a full range of health, retirement, and other employee benefits.

RGA is an equal opportunity employer. Qualified applicants will be considered without regard to race, color, age, gender identity or expression, sex, disability, veteran status, religion, national origin, or any other characteristic protected by applicable equal employment opportunity laws.