SIEM Data Engineer

Capitole
Municipality of San Sebastian, Spain
2 days ago

Role details

Contract type: Permanent contract
Employment type: Full-time (> 32 hours)
Working hours: Regular working hours
Languages: English, German
Experience level: Intermediate
Compensation: € 60K

Job location

Municipality of San Sebastian, Spain

Tech stack

Log Analysis
Parsing
Logstash
Security Log
Security Information and Event Management
Data Ingestion
Delivery Pipeline
Kafka
Video Streaming
Stream Processing
Splunk

Job description

Capitole is seeking a SIEM Data Engineer to work on international automotive projects. The ideal candidate will have experience in security log analysis and log ingestion, working with modern SIEM tools such as Splunk and Cribl.

You'll be responsible for connecting log sources, analysing security logs, and defining data models. This position offers a dynamic environment with a strong focus on professional growth and innovation.

  • Connect security-relevant log sources to SIEM.
  • Analyse security logs and define data models.
  • Create and maintain log data parsers.
  • Support SIEM data ingestion processes.
  • Collaborate with teams to enhance log processing solutions.

Splunk, Elastic / ELK, Cribl, Kafka, Logstash

Job offer description

Empowering people. Unlocking innovation.

With 1,000+ professionals and over a decade of experience, we've built an environment where talent is trusted, supported and continuously challenged to grow.

Our culture

  • People-first culture built on trust and real proximity.
  • Stable environment with turnover clearly below industry average.
  • International, high-impact projects powered by modern tech stacks.
  • 1,200 Euro annual training budget per employee.
  • Real flexibility, not just a promise.
  • Continuous feedback culture with monthly follow-ups and annual 360 reviews.
  • Private health insurance, versatile compensation and Wellhub.
  • Active tech communities where knowledge is shared and innovation evolves.
  • A team that delivers and celebrates together.

Ready to grow with us? Take a look at this opportunity.

We are looking for a SIEM Data Engineer / SIEM & Log Management Engineer to join an international project for a leading German client in the automotive sector. The role is focused on security log analysis, log ingestion, parsing, normalization and SIEM data modelling, working closely with security and operations teams.

We are especially interested in professionals with experience in Cribl and Splunk, although similar experience with log pipelines, log management, streaming technologies or SIEM environments will also be valued, especially with tools such as Kafka, Logstash or Elastic / ELK.

What will you do?

  • Connect security-relevant log sources to a SIEM through Log Stream Processing platforms.
  • Analyse security logs and define data models.
  • Create and maintain parsers to normalize log data.
  • Support SIEM data ingestion and security use case definition.
  • Work with security and operations teams to improve log processing solutions.

Requirements

  • Minimum of 3 years of experience with SIEM or log management tools.
  • Proven experience in log ingestion and processing technologies.
  • Strong analytical skills for log analysis and data modeling.
  • Experience with SIEM tools
  • Hands-on experience with Cribl
  • Log management knowledge
  • Familiarity with Splunk
  • Experience with Kafka
  • 3+ years of experience with SIEM or log management tools, especially Splunk, Elastic / ELK or similar.
  • Hands-on experience with Cribl or similar Log Stream Processing / log pipeline tools such as Kafka, Logstash.
