Cybersecurity Data Platform Engineering
Job description
Design and implement enterprise-scale cybersecurity data platforms for ingesting and analyzing security telemetry and threat intelligence. Build scalable pipelines for security logs, network telemetry, identity events, and endpoint data. Enable analytics use cases such as threat detection, anomaly detection, incident response, and security reporting.

Architect and implement AWS-based data lake and analytics platforms using services such as S3, Glue, Athena, Redshift, and Lambda. Design secure and scalable Snowflake data platforms for security analytics workloads. Develop batch and streaming pipelines to process high-volume cybersecurity datasets.

Develop high-performance pipelines using PySpark, Spark SQL, Python, and AWS Glue. Build orchestration workflows using Apache Airflow for automated data processing and monitoring. Implement incremental and event-driven ingestion frameworks using messaging services such as SNS/SQS.
Security, Governance & Compliance
Implement secure data architectures including encryption, IAM-based access controls, and RBAC. Support regulatory and security compliance through data governance, lineage, and audit logging. Ensure secure handling of sensitive security telemetry and threat intelligence data.
Platform Performance & Cost Optimization
Optimize Snowflake performance and cost efficiency through warehouse tuning, clustering, and workload isolation. Implement monitoring, alerting, and automated optimization strategies for cloud data infrastructure. Improve query performance and resource utilization across AWS analytics services.

Partner with security operations (SOC), threat intelligence, and incident response teams to support cybersecurity analytics. Work closely with data scientists to enable ML-driven threat detection and behavioral analytics. Lead architecture discussions, code reviews, and technical mentoring for data engineering teams.
Requirements
12+ years of experience in data engineering or data platform development
Strong expertise in AWS cloud data services (S3, Glue, Athena, Redshift, IAM)
Advanced knowledge of Snowflake architecture, optimization, and security
Proficiency in Python, PySpark, and SQL
Experience with Apache Airflow orchestration frameworks
Hands-on experience building large-scale batch and streaming data pipelines

Experience working with security telemetry, SIEM, or cybersecurity analytics platforms
Knowledge of threat detection pipelines and security data modeling
Experience integrating with security tools such as Splunk, Sentinel, or other SIEM platforms
Familiarity with ML-based anomaly detection or behavioral analytics
Experience with Infrastructure-as-Code (Terraform)