Senior Security Engineer (SIEM/Cribl) - Northeast region (Remote)

📋 Description

• Architect, implement, and maintain SIEM and observability pipelines.
• Remote role; US East Coast preferred for collaboration hours.
• Design around modern platforms: Palo XSIAM, MS Sentinel, Chronicle, Humio, Splunk.
• Build custom parsers, dashboards, correlation rules, and alerting logic.
• Optimize log ingestion with Cribl Stream/Edge/Search; improve routing.
• Collaborate with cybersecurity, DevOps, and cloud teams; lead incident response.

🎯 Requirements

• 5+ years in security engineering with SIEM.
• Hands-on with two SIEMs from the list (e.g., Palo XSIAM, MS Sentinel).
• 2+ years with Cribl or similar observability pipelines.
• Strong knowledge of log formats, normalization, and event correlation.
• Familiar with detection engineering, threat modeling, and MITRE ATT&CK.
• Proficiency in scripting (Python/PowerShell/Bash) and regex.
• Deep understanding of cloud (AWS/Azure/GCP) and on-prem logging.

🎁 Benefits

• Remote workforce primarily; US-based; some travel may be required.
• Medical and dental insurance options.
• 12 corporate holidays and Flexible Time Off.
• Mobile phone and home internet allowance.
• Retirement plan eligibility after open enrollment.
• Pet benefit option.