JSOC - Principal SIEM Engineer
Tasks
- Architect and maintain NXLog deployment for log collection
- Automate platform operations with scripting and infrastructure as code
- Build and maintain ingest pipelines, parsers and log integrations
- Coordinate log source onboarding
- Define and report SIEM platform performance metrics
- Design, deploy and maintain Elastic cluster architecture
- Design, deploy and maintain security tools (SOAR, EDR, WAF and email gateway)
- Evaluate emerging SIEM and log management technologies
- Implement detection-as-code CI/CD rule deployment pipelines
- Maintain Elastic Security dashboards and saved searches
- Maintain Kafka log streaming infrastructure
- Maintain platform documentation, runbooks and operational procedures
- Manage Elastic upgrades, patches and cluster health monitoring
- Manage index lifecycle policies and data retention
- Mentor team members on Elastic administration and data pipelines
- Monitor and maintain end-to-end data pipeline reliability
- Own Elastic SIEM platform performance and evolution
- Participate in on-call rotations
- Perform Elasticsearch performance tuning, query optimization, shard strategy and resources
- Plan capacity and scale Elastic and Kafka infrastructure
- Translate detection requirements into platform capabilities
Perks/Benefits
- Career growth opportunities
- Community causes opportunities
- Health & wellbeing resources
- Hybrid working environment
- Inclusive collaborative environment
- Paid vacation
- Personal days
- Sick days
Skills/Tech-stack
AWS | Apache Kafka | Bash | Beats | CI/CD | Container Orchestration | Data Retention | Detection-as-code | Docker | EDR | Elastic Agent | Elastic Security | Elastic Stack | Elasticsearch | Email Gateway | GCP | GitLab | Index Lifecycle Management | Infrastructure as Code | KRaft | Kafka Connect | Kafka Streams | Kibana | Kubernetes | Lifecycle Management | Linux | Logstash | NXLog | OpenSearch | Python | Query Optimization | Resource allocation | SOAR | SOCKS N/A | Scripting | Sharding | Storage Optimization | WAF | Zookeeper
Education
N/A
Roles
Engineer | Principal | Principal SIEM Engineer | SIEM Engineer