SIEM Data Engineer / SIEM & Log Management Engineer
Job description
to join an international project for a leading German client in the automotive sector. The role is focused on security log analysis, log ingestion, parsing, normalization and SIEM data modelling, working closely with security and operations teams.

We are especially interested in professionals with experience in Cribl and Splunk, although similar experience with log pipelines, log management, streaming technologies or SIEM environments will also be valued, especially with tools such as Kafka, Logstash or Elastic / ELK.

What will you do?
- Connect security-relevant log sources to a SIEM through Log Stream Processing platforms.
- Analyse security logs and define data models.
- Create and maintain parsers to normalize log data.
- Support SIEM data ingestion and security use case definition.
- Work with security and operations teams to improve log processing solutions.

Feel free to send us your profile, we are excited to meet you!

The employee will adhere to information security policies:
- Will have access to confidential information related to Capitole and the project they are working on.
- Must comply with the security policies and internal policies of the company and the client.
- Must sign an NDA.
Requirements
- 3+ years of experience with SIEM or log management tools, especially Splunk, Elastic / ELK or similar.
- Hands-on experience with Cribl or similar Log Stream Processing / log pipeline tools such as Kafka, Logstash or Fluentd.
- Strong knowledge of log analysis, parsing, Regex and data normalization.
- Experience with Linux/UNIX/Windows environments and network technologies.
- Scripting experience with Python, Bash/Shell or JavaScript.
- Knowledge of cloud or container technologies such as AWS, Azure, GCP, Kubernetes or OpenStack.
- Understanding of Security Incident Response or security monitoring processes.
- Excellent English level, both written and spoken.