Sr. Engineer - Data Security

About the Role:

Next Gen-SIEM Integrations team at Next Gen-SIEM is responsible for building out of the box integrations for 3rd party products to ingest data into SIEM platform.  We are looking for a passionate Security Engineer with expertise in data ingestion and integration for SIEM. This role focuses on designing, developing, and maintaining out of the box data connectors for CrowdStrike Next-Gen SIEM, ensuring seamless ingestion of security data from various third-party products.

The ideal candidate has hands-on experience in cybersecurity, data ingestion pipelines, log collection mechanisms, and security event processing. You should be well-versed in industry-standard data ingestion and integration methods and possess strong knowledge about security products and platform

What You'll Do:

• Evaluate, develop, maintain, and enhance data connectors to ingest data from third-party security products into CrowdStrike Next-Gen SIEM

• Set up and maintain a lab or test environment for security products to validate data connectors and troubleshoot issues

• Troubleshoot and resolve issues with existing data connectors to ensure reliable log ingestion

• Collaborate with internal teams to define efficient logging, error handling, data normalization and documentation for data connectors

• Research and implement best practices for ingesting security logs from Firewalls, IDS/IPS, Cloud Security products, Endpoint Security, and other security products and platforms

• Write and maintain high-quality technical documentation for integration methods and troubleshooting guides

• Provide on-call support for critical data ingestion issues and production incidents

• Work with customers, customer success and customer support teams to troubleshoot and resolve data ingestion-related issues and ensure effective communication

What You'll Need:

• Bachelor’s or Master’s degree in Computer Science or related field or equivalent work experience.

• 10+ years of experience in cybersecurity and SIEM integrations

• Experience in developing data connectors or ingestion pipelines for SIEM platforms such as Splunk, Sentinel, Exabeam, QRadar etc.

• Experience in setting up and managing environments for security products such as Firewalls, IDS/IPS, EDR, CASB, Identity Security, Email Security etc.

• Experience with security events and its formats such as Syslog, CEF, LEEF, JSON, XML

• Experience in log processing or shipping tools such as Cribl, Splunk forwarder, Azure monitoring agent, LogScale log collector etc.

• Experience with cloud-native logging services such as AWS CloudWatch, CloudTrail, Azure Monitor, or GCP Logging

• Proficiency in at least one programming language, preferably Python

• Proficiency in writing complex queries using KQL, SPL, CQL, SQL etc

• Strong documentation, communication and customer interaction skills

Bonus Points:

• Knowledge of security data normalization schemas, parsing and data enrichment

#LI-VJ1

Benefits of Working at CrowdStrike:

• Remote-friendly and flexible work culture

• Market leader in compensation and equity awards

• Comprehensive physical and mental wellness programs

• Competitive vacation and holidays for recharge

• Paid parental and adoption leaves

• Professional development opportunities for all employees regardless of level or role

• Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections

• Vibrant office culture with world class amenities

• Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.