Senior Security Engineer Logging SIEM Data Pipelines

Swisslinx
Zürich, Switzerland

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English, German
Experience level
Senior

Job location

Zürich, Switzerland

Tech stack

JavaScript
Bash
Computer Security
Python
Regular Expressions
Ansible
Runbook
Security Information and Event Management
SQL Databases
Data Logging
Scripting (Bash/Python/Go/Ruby)
Delivery Pipeline
GIT
Information Technology
REST
Data Pipelines
Security Orchestration, Automation & Response

Job description

  • Build and maintain telemetry and data pipelines for log routing, enrichment, filtering and delivery.
  • Develop SOAR automations to improve incident response and operational efficiency.
  • Create security detections, dashboards, reports and monitoring solutions.
  • Integrate new data sources and ensure high-quality security telemetry across infrastructure and applications.
  • Maintain technical documentation including architecture, runbooks and data flow diagrams.
  • Support security incidents and provide 2nd and 3rd level engineering support, including on-call participation.
  • Contribute to security architecture, standards and best practices for the logging and telemetry ecosystem.
  • Design, operate and continuously improve enterprise SIEM and centralised logging platforms.

Requirements

  • University degree in Computer Science, Information Security or a related field (or equivalent experience).
  • At least 5 years' experience administering enterprise SIEM platforms.
  • Strong experience building and managing logging, telemetry and data pipelines.
  • Experience developing detection rules, correlation searches, dashboards and CIM-normalised data models.
  • Hands-on experience with Cribl Stream or similar telemetry pipeline tools.
  • Strong scripting skills using Python, Bash/Shell or JavaScript.
  • Experience with Git, SQL, REST APIs and Regular Expressions.
  • Good understanding of SOAR platforms and security automation.
  • Experience with Ansible is an advantage.
  • Fluent English is required. German is a strong plus.
