SecOps Observability Engineer

Requirements:

• Hands-on experience with observability products such as SIEM (Security Information & Event Management, SOAR (Security Orchestration, Automation, and Response), and data stream management tools like Cribl.

• In-depth knowledge of log management, monitoring, and alerting techniques.

• Experience with setting up, modifying, and tuning alerts within the SIEM to ensure critical threats are identified properly.

• Understanding data ingestion, transformation, and enrichment workflows for integrating various log sources, network telemetry, and security event data into observability platforms.

• Ability to work with and understand log parsing, aggregation, and normalization.

• Proven track record working in a Security Operations Center (SOC), with direct involvement in threat detection, incident response, and security event monitoring. Strong understanding of SOC workflows and processes.

• Ability to communicate strongly and efficiently within the SOC. Must be able to collaborate with internal stakeholders and external vendors.

• Comfortable producing clear, concise reports and documentation related to security incidents and system performance.

You’ll Bring These Qualifications:

• Experience with one or more products: Observo, Tableau, CrowdStrike NG-SIEM, Splunk, Google SecOps, Palo Alto XSIAM, Elastic, etc...

• Bachelor’s degree in a relevant discipline or equivalent experience

• Minimum 4 years in an enterprise level security consultative role building and assessing Information Security architectures and programs

• Prior experience in a corporate operational or technical leadership role