Cribl Administrator (Security Log Management Specialist) at Remote, Remote, USA
Email: [email protected]
From: Paul, Rwaltz [email protected]
Reply to: [email protected]

Cribl Administrator (Security Log Management Specialist)
Hybrid (NY/NJ, Chicago, Texas)

We are seeking an experienced Cribl Administrator to manage security log telemetry and implement integrations with Splunk and Azure Sentinel. This role is responsible for designing, implementing, and maintaining our log management infrastructure using Cribl Stream/LogStream, while ensuring efficient data routing, processing, and integration with security tools.

Primary Responsibilities
- Design and implement Cribl Stream/LogStream architecture for security log management
- Develop and maintain integrations between Cribl and security tools (Splunk, Azure Sentinel)
- Optimize log collection, parsing, and forwarding processes
- Manage data reduction and enrichment workflows
- Configure and maintain log pipelines and routing rules
- Implement log transformation and normalization standards

Technical Requirements
- Deep understanding of the Cribl Stream/LogStream platform and its features
- Experience with the Azure Sentinel and Splunk SIEM platforms
- Expertise in log management and analysis
- Strong scripting abilities (JavaScript, Python)
- Understanding of regular expressions and data parsing
- Experience with APIs and integration patterns
- Experience building custom collectors and destinations in Cribl
- Knowledge of Azure Sentinel data connectors and KQL
- Understanding of the Splunk API and data formats
- Expertise in log parsing and normalization
- Experience with data transformation pipelines
- Knowledge of security log formats and schemas

Data Management Skills
- Experience with high-volume log processing
- Knowledge of data reduction techniques
- Understanding of data retention requirements
- Expertise in data mapping and normalization
- Experience with data enrichment processes

Professional Qualifications
- Bachelor's degree in Computer Science, Cybersecurity, or a related field
- 15+ years of IT experience, with 10+ years in log management
- Cribl Certified Administrator certification preferred
- Azure Security certification desired
- Splunk certification a plus

Project Management Responsibilities
- Develop log collection and routing strategies
- Manage integration deployments and updates
- Create and maintain documentation
- Coordinate with security and infrastructure teams
- Monitor system performance and capacity

Security Skills
- Understanding of security log analysis
- Knowledge of threat detection patterns
- Experience with security compliance requirements
- Familiarity with incident response processes
- Understanding of data privacy requirements
- Understanding of log formats (CEF, JSON, Syslog)
- Knowledge of cloud platforms (Azure)
- Experience with RESTful APIs
- Familiarity with SOAR platforms
- Understanding of security frameworks

Required Skills
- Strong analytical and problem-solving abilities
- Excellent documentation skills
- Effective communication with stakeholders
- Performance tuning and optimization expertise
- Incident response and troubleshooting capabilities

Keywords: information technology, New Jersey, New York, Cribl Administrator (Security Log Management Specialist)
Contact: [email protected]
Posted: 05:31 AM 22-Jan-25