InfoLabs Inc. is hiring a Cribl engineer to design and build the log ingestion pipelines for a large enterprise security team. The role involves hands-on pipeline work, building and tuning Cribl data models that feed into the SIEM and other security tools.
Responsibilities:
- Design, build, and maintain Cribl pipelines for log ingestion at scale
- Shape and route data into SIEM, XDR, vulnerability management, DLP, and endpoint tools
- Help stand up and configure Linux-based security sensors
- Write Python and Bash automation to keep the environment running with less manual effort
- Work alongside the security architects and engineering team
Requirements:
- Strong, recent, hands-on Cribl Stream experience. This is the must-have.
- Solid security engineering background (SIEM, endpoint, threat detection)
- Comfortable in Linux and Windows, including system hardening
- Python and Bash for automation
- 5+ years in large IT environments; a bachelor's in an IT or security field, or 8+ years of experience in lieu of the degree
- Cribl certification and hands-on data modeling
- SIEM administration and reporting
- Experience building and deploying Linux-based security sensors
- Familiarity with security frameworks like NIST CSF, CJIS, IRS 1075, and CMS MARS-E
- CISSP and/or Security+