Senior Information Security Engineer – Data

Full time

Apply Now

Responsibilities

SIEM Administration: Handle day-to-day operations of market-leading SIEM platforms (e.g., Splunk, Sentinel, or Chronicle). This includes log ingestion from a variety of sources like Network devices, 3rd party vendor APIs, Cloud Services, Webhooks etc.. parsing/normalisation to a common schema, health monitoring checks, User access management and Cost Monitoring.
Security Data Lake Operationalisation: Develop and maintain the infrastructure/Platform that moves security telemetry from raw sources into Snowflake, BigQuery, or Databricks. Tune/Optimise Ingestion at Scale for cost efficiency and Enable SOC team and Threat Detection team to leverage the Security Data lake for their Search and Analytics workloads.
AI & Agentic Automation: Proactively integrate AI tools and LLMs into daily workflows; develop AI agents to automate Tier 1/2 SecOps tasks like Incident Investigation and Response.
Cross-Team Collaboration: Partner with global teams across time zones and manage Stakeholder communication.

Qualification & Experience

Experience: 7+ years in Security Ops and Engineering, focusing on Security Data management and Automation.
SIEM and SOAR Mastery:Hands-on experience with at least one market-leading SIEM (Splunk, Microsoft Sentinel, Crowdstrike NG-SIEM) and SOAR platform (Palo Alto XSOAR, Splunk SOAR).
Cloud Data Warehousing: Practical experience administering or developing within Snowflake, BigQuery, and/or Databricks. Prior experience in building/maintaining data platforms that can manage 50-100 TB/day data is a big plus.
Programming: Strong proficiency in Python and Shell scripting.
Data Engineering Knowledge: Understanding of Cloud warehouse and Lakehouse concepts, Open Table formats and Search engines for a composable Security Data stack.
Cloud Infrastructure: Solid experience in one major cloud (AWS/GCP/Azure); Multi-cloud familiarity is a major plus.
AI Fluency: Demonstrated experience or strong inclination towards utilising various AI tools to significantly enhance effectiveness (force multiplier) and solve complex business problems, particularly within SecOps and GRC domains.
Nice to have
Exposure to Cloud Logging frameworks and best practices for Security Telemetry ingestion.
Familiarity with container orchestration (Kubernetes/EKS/GKE).
Interest/experience in building AI-driven security workflows.
Knowledge of modern CI/CD patterns and DevOps security integrations.
Experience with Terraform or other IaC tools.