What are the responsibilities and job description for the Cribl SME position at ISite Technologies Inc?
Job Details
Role: Cribl SME
Location: Redmond, WA (Onsite Day 1)
Job Duties:
Assessment and Planning
Conduct a comprehensive assessment of the current Cribl deployment.
Develop a detailed deployment plan, including risk assessment, mitigation strategies, RACI, and communications plan.
Create initial architectural diagrams for connectivity, system design, etc.
Conduct a Microsoft Sentinel & Splunk ES feature comparison and gap analysis, such as, but not limited to:
* Administrative capabilities and features, including user management, role-based access control, and auditing tools.
* Configuration and customization options to align with organizational workflows and security requirements.
* Detection capabilities, such as built-in analytics, rule creation, and anomaly detection frameworks.
* Integration with AI-driven tooling, including Microsoft Copilot, to enhance automation and decision-making processes.
* Data ingestion and normalization processes, focusing on supported data types, scalability, and transformation capabilities.
* Reporting and visualization tools to assess readiness for operational and executive-level insights.
Identify all security-relevant datatypes that need to be migrated, as well as initial test datatypes to enable proof-of-concept integrations with SecOps SOAR tooling.
Engage with all key stakeholders from ABK Infosec, ABK IT, and any business owners of systems in scope.
Build out any additional systems or features, e.g. Cribl Stream workers, Event Hubs endpoints for log aggregation and delivery to Microsoft Sentinel.