FULLREMOTE - SIEM Data Engineer
Capitole Consulting keeps growing and we want to do it with you!

Key Responsibilities:
- Connecting security-relevant log sources to a SIEM via a Log Stream Processing Platform.
- Analyzing logs, identifying/defining data models, and assisting in populating our SIEM solution with data.
- Defining parsers for normalizing log data using Log Stream Processing solutions.
- Planning and conducting security assessments for the identification and definition of security use cases within a SIEM solution.
- Documenting security use cases and data models with all relevant information for the continuous expansion and enhancement of our SIEM platform.
- Supporting the operations team in building and expanding log stream processing solutions like Cribl.

Required Qualifications:
- Successfully completed degree with a focus on Computer Science, IT Security, or equivalent professional experience.
- Knowledge of cloud technologies (OpenStack/Kubernetes) and commercial cloud providers such as AWS/Azure/GCP.
- At least 3 years of experience in Log Stream Processing (Cribl) and SIEM tools (Splunk/Elastic).
- Experience in IT operations and security, ideally through professional services or support.
- Profound knowledge of common log formats.
- Extensive knowledge of operating systems (UNIX, Linux, Windows) and network technologies.
- Experience with common scripting languages (JavaScript, Bash/Shell, Python).
- Proficient in using version control software (e.g., GitHub).
- Excellent knowledge of Regular Expressions and data normalization.
- Good data visualization skills.
- Profound knowledge of Security Incident Response and Playbook processes.
- Strong analytical thinking and an independent work ethic.
- Ability to interact effectively with both technical and non-technical stakeholders.
- Capable of adapting to a dynamic, fast-growing environment.
- Demonstrated interest in learning new topics and technologies.
- Excellent English language skills, both written and spoken.

Languages: English C1
Location: FULLREMOTE
Schedule: flexible. Friday intensive.

Benefits & conditions

We're great, but with you we'll be even better! For this you will have:
- Budget of 1.200€ in individual training for you to use it in whatever you want (technological events, books, trainings, certifications, etc.).
- Follow-up with your team every month for continuous feedback.
- Teleworking.
- Flexible working hours to help you reconcile your professional / family life.
- Private medical insurance paid in full by Capitole.
- Flexible remuneration (restaurant tickets, transport and/or childcare).
- WellHub.
- Discounts on major brands for employees (Club Capitole).

Get to know the whole family:
- Team Buildings every two months - don't miss the summer party or the Christmas dinner!
- Football team sponsored by Capitole.
- Technological communities for you to share your knowledge and ideas with the other teams, sharing internal knowledge is essential!
- Last but not least, a TEAM!

Don't you know us yet? Discover us!