SIEM Engineer (f/m/d)

Technologies we use

About the project

Your responsibilities

• Drive Data Collection Operational Excellence – Monitor the operational health of SIEM platform, infrastructure and data feeds to ensure data is available, parsed and formatted to support cybersecurity threat detection and investigation use cases.
• Design for Supportability – Research, test, and perform upgrades of the SIEM platform and supporting components to ensure the environment is secure, performant and capabilities available can be leveraged to full potential.
• Collaborate for Success – Partner with engineering and infrastructure peers across Danaher and all operating companies to ensure appropriate log level configurations.

Our requirements

• 5+ years of deploying, managing, and maintaining enterprise SIEM solutions.
• Demonstrated experience administering a range of SIEM platforms and supporting infrastructure including but not limited to Splunk, Microsoft Sentinel, Palo Alto XSIAM, Google SecOps (Chronicle), Humio, Elastic.
• Experience implementing and leveraging log data pipeline and technologies including but not limited to Cribl, Vector, or Tenzir.
• Demonstrated experience with cloud service providers including but not limited to Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP).
• Experience translating business requirements into solution requirements.
• Experience preparing and maintaining documentation, including but not limited to operating procedures, logical flow diagrams, and formal reports.

Optional

• Demonstrated programming or scripting language expertise including but not limited to Python, Bash, PowerShell (Python preferred).
• Demonstrated proficiency leveraging regular expressions for parsing and pattern matching.
• Experience administering applications deployed on Linux\UNIX operating systems.

Benefits