SIEM Engineer

Client : Pharmaceutical Industry

Job : SIEM Engineer

Location : 3x a week on site in Rahway NJ OR Austin TX

Duration : Long-term contract with potential to convert

Our client is looking for engineers to support a new Cribl architecture that will replace SPLUNK for observability and log management to simplify data routing, transformation, and enrichment of data pipelines and streaming.

• A minimum of 7 years of hands-on experience in cybersecurity and big data analytics, showcasing expertise in advanced technical aspects of logging and Security Information and Event Management (SIEM) solutions.
• Strong proficiency in Big Data Analytics tools such as Elastic, Cribl, Splunk, and Azure Sentinel, coupled with a deep understanding of their technical nuances and practical implementations.
• Two years of Cribl specific experience with knowledge in the following areas : Stream, Data parsing and normalization, data extraction techniques to include Regex extraction functions, routes, pipelines, and creating and customizing Cribl packs. Cribl certification and experience with hybrid deployments preferred.
• Proven track record managing complex Enterprise Security solutions, including deploying and managing automation technologies.
• Extensive knowledge and experience with both Unix and Windows operating systems, endpoint log collection, syslog-ng and adept at utilizing command line interfaces to perform intricate tasks.
• Excellent communication and engagement skills, enabling effective interaction with a diverse range of stakeholders, along with strong interpersonal and presentation abilities.
• A deep-seated passion for addressing complex technical challenges, consistently striving to exceed expectations.
• Experienced in deploying infrastructure within VMware, AWS, and Azure cloud.
• Successfully adapts to a dynamic, rapidly evolving environment while also capable of working independently.
• Relevant experience in IT security systems, large enterprise infrastructure management, and operations.
• Proficient in gathering technical requirements and scoping, including the creation of documentation and technical drawings to ensure scope acceptance.
• Experienced in SIEM best practices, particularly log analysis, data onboarding, parsers, pipelines, and data lakes; familiarity with Azure Sentinel and Azure Data Explorer (ADX) is required.
• Competent in creating configuration, automation, scripting languages, and integration scripts using various languages, tools, and standards, including KQL, Python, PowerShell, JavaScript, YAML, REST API, Go, Bash, etc. Recent experience in developing automation scripts and CI / CD workflows.
• Experienced in developing engineering (SDLC) documentation and providing coaching and mentoring to facilitate knowledge transfer to internal operations teams.
• Strong problem-solving capabilities and proficiency in written and verbal communication in English.

Must Have Qualifications :