Senior Consultant, SIEM Engineer (Logstash)

Infinitive Inc

$90K — $140K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 3+ years in Security Engineering, Data Engineering, or DevSecOps roles.
  • Deep understanding of Logstash syntax and Regex for log parsing.
  • Experience with CI/CD tools like Jenkins and version control with GitHub.
  • Familiarity with AWS messaging services SQS and SNS.
  • Proficient in using Splunk for SIEM analysis and troubleshooting.
  • Solid SQL skills for database querying and data validation.

Responsibilities

  • Design, develop, and maintain Logstash pipelines for effective log ingestion.
  • Implement and optimize scalable data architectures for security data.
  • Manage and troubleshoot data flow in cloud-native event-driven systems.
  • Automate SIEM configurations as code using CI/CD practices.
  • Analyze and query log data in Splunk to ensure data quality.
  • Write and query SQL to interact with relational databases for validation.

Benefits

  • Collaborative work environment focused on agile methodologies.
  • Opportunity to work with cutting-edge cybersecurity technologies.
  • Potential for professional development in a rapidly evolving field.
  • Exposure to big data concepts and advanced data engineering techniques.
Full Job Description
About the Role
We are seeking a highly skilled SIEM Engineer to support our client's Cybersecurity Operations team. In this role, you will be responsible for building, optimizing, and maintaining the data pipelines that power our security monitoring infrastructure. You will focus heavily on data ingestion, log parsing, and transformation to ensure high-fidelity data reaches our analytics platforms.

The ideal candidate bridges the gap between Security Operations and DevOps, leveraging modern CI/CD practices to manage infrastructure-as-code and building resilient data architectures.

Key Responsibilities
  • Log Ingestion & Parsing: Design, develop, and maintain complex Logstash pipelines. Write efficient Regular Expressions (Regex) and utilize Logstash syntax to parse, filter, and enrich unstructured log data.
  • Data Architecture & Engineering: Implement and optimize source-to-target data architectures, ensuring scalable and reliable data transformation from diverse security sources.
  • Event-Driven Systems: Manage and troubleshoot data flowing through cloud-native event-driven messaging systems, specifically AWS SQS and SNS.
  • CI/CD & Version Control: Treat SIEM configurations as code. Manage configurations using GitHub and automate testing and deployment via Jenkins or similar CI/CD pipelines.
  • SIEM Analysis & Troubleshooting: Analyze and query log data within Splunk to audit data quality, troubleshoot parsing errors, and investigate system messages.
  • Database Querying: Write and understand SQL syntax to interact with relational databases for data validation, lookups, and reporting.
Required Skills & Qualifications

Technical Skills:
  • Logstash Expertise (Required): Deep understanding of Logstash syntax, plugin configurations (input, filter, output), and advanced string manipulation using Regular Expressions (Regex).
  • DevOps & Automation: Hands-on experience with version control (GitHub) and building/maintaining deployment pipelines (Jenkins or equivalent CI/CD tools).
  • Big Data & Architecture: Strong grasp of big data concepts, data transformation patterns, and source-to-target pipeline architectures.
  • Cloud Messaging: Experience with event-based, distributed messaging systems, specifically Amazon SQS and Amazon SNS.
  • SIEM & Analytics: Proficiency in Splunk, specifically for reading logs, diagnosing infrastructure error messages, and validating data ingestion.
  • Database Skills: Solid understanding of SQL syntax for querying and validating data.
Soft Skills & Experience:
  • 3+ years of experience in Security Engineering, Data Engineering, or a DevSecOps role.
  • Strong analytical and troubleshooting skills with a keen eye for data anomalies.
  • Ability to work collaboratively in an agile environment.
Nice to Have:
  • Experience with the broader Elastic Stack (Elasticsearch, Kibana).
  • AWS Certified Security or AWS Certified SysOps Administrator.
  • Familiarity with containerization (Docker, Kubernetes) for scaling log collectors.
Infinitive is required by law in some jurisdictions to include a reasonable estimate of the compensation range for this role. The determination of this range includes various factors not limited to skill set, level, experience, relevant training, and licensure and certifications. Compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range for this role in the U.S. is $90,000.00 - $140,000.00.
