76 Exabeam Jobs - Page 2

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Position Summary: The F5 Global Cyber Defense and Intelligence team within the Office of the CISO is seeking hard-working and versatile Security Logging Engineers who will focus on updating, maintaining, and creating data pipelines fundamental to security services at F5. You will play a key role in protecting F5 and translating residual risk from critical application deployment into our logging and event platform to ensure data is flowing smoothly and consistently. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience with logging. You'll be working with teams around the world in this position, so flexibility and excellent communication is key to excel in this role. Responsibilities: Be part of the architectural direction, administration, maintenance, documentation, and oversight of the event logger and Security information and event management (SIEM) solution Analyze threat models and work with partner teams to ingest logging into the security event monitoring tool. Create and maintain integrations and solutions for the log collection, aggregation, indexing, search, alerting Manage implementation, enhancement and adoption of the solutions built by the team into operations Utilize log ingestion platform for security analytics and identification of tactics, techniques and patterns of attackers Collect and review security logs from all systems (Cloud Providers, GitLab, OS, G-Suite, OKTA, IDS, etc.) to ensure they can be used by the detection engineering team Ensure compliance with internal policies, standards, and regulatory requirements Contribute to creation of security operation runbooks, threat hunting run books Required Skills & Knowledge: Requires at least 6+ years of relevant industry experience preferably in SIEM Experience with large scale log aggregation/SIEM systems like SumoLogic, Splunk, Exabeam, LogRhythm, etc. Good written and verbal communication skills Experience working in site-reliability engineering, cloud security, system engineering, or similar positions Demonstrated experience with running systems at scale Proficiency to communicate over a text-based medium (Slack, GitLab Issues, Email) and can succinctly document technical details A Computer Science or Engineering degree is preferred, but not required Automation: Proficiency in scripting language such as Python or Bash. Experience with log identifications and analysis withing GCP, AWS, Azure, or other cloud provider. Bonus Points: Experience analysing and interpreting large volumes of data to identify potential threats and security incidents Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL Nice to have: An understanding of attacker exploit and evasion techniques Nice to have competency in BigQuery, Athena, or any cloud provider query language. Nice to have familiarity with regex SANS (GCFR, GMON, or other related certifications ).

Cyber Security – Site Reliability Engineer Core Skills & Keywords for Screening • Site Reliability Engineering, Cyber Security SRE, AIOps, Self-Healing Systems • Automation: Python, PowerShell, Bash • Monitoring & Telemetry: AppDynamics, Splunk, ELK, Grafana • Security Tools: Qualys, Microsoft Defender, Exabeam, SIEM, Endpoint Agents • Cloud Platforms: Azure (must), AWS/GCP (nice-to-have) • Operating Systems: Windows, Linux • Incident Management, Resilience Engineering, Telemetry • Agile/DevOps, BigPanda, Data Analytics, Real-time Monitoring Must-Have Requirements • 5+ years of experience in large-scale production support or cybersecurity operations • Strong scripting and automation skills (Python, PowerShell, etc.) • Experience building and optimizing monitoring, alerting, and self-healing systems • Hands-on experience with Splunk, AppDynamics, and other observability tools • Knowledge of Windows/Linux internals, endpoint agents, and Azure cloud services • Experience working in incident resolution and telemetry analysis

The Associate Analyst will provide intrusion/incident monitoring and detection utilizing customer provided data sources, audit and monitoring tools at both the government and enterprise level. An Associate Threat Analyst is required to be flexible and adapt to change quickly. The Associate Threat Analyst will work closely with our Threat Analyst to service customers through our Managed Detection and Response offering. How you’ll make an impact Analyze, document and report on potential security incidents identified in customer environments. Work with partners to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets. Provide triage on various security enforcement technologies including, but not limited to SIEM, anti-virus, content filtering/reporting, malware prevention, firewalls, intrusion detection systems, web application firewalls, messaging security platforms, vulnerability scanners etc. Perform knowledge transfers, document, and triage client’s issues regarding mitigation of identified threats Provide ongoing recommendations customers on best practices Actively research current threats and attack vectors being exploited in the wild Utilize defined SOP’s and KB’s Performs other duties as assigned Complies with all policies and standards What we’re looking for 1-2 years of working with Incident Ticketing Systems (i.e. ServiceNow, Remedy, Remedy Force, Heat, etc.). required Desire to gain full-time professional experience in the Information Security field Excellent time management, reporting, communication skills, and ability to prioritize work Ability to generate comprehensive written reports and recommendations Write professional emails Previous experience as a point of escalation in a technical environment Customer interactions and working through various issues Base knowledge of contemporary security architectures/devices such as firewalls, routers, switches, load balancers, remote access technologies, anti-malware, SIEM, and AV Ability to work customer’s environments to report on critical security events Ability to troubleshoot technical problems and ask probing questions to find the root cause or a problem Queue management Data analysis using SIEM, Database tools such as Elastic, and Excel Experience troubleshooting security, network, and or endpoints IDS monitoring/analysis with tools such as Sourcefire and Snort Experience with SIEM platforms preferred (QRadar, LogRhythm, Exabeam, Securonix, and Splunk) Familiarity with web-based attacks and the OWASP Top 10 at a minimum Attack vectors and exploitation Mitigation, Active Directory Direct (E.g. SQL Injection) versus indirect (E.g. cross-site scripting) attacks Familiarity with SANS top 20 critical security controls Understand the foundations of enterprise Windows security including: Windows security architecture and terminology Common system hardening best practices Anti-Virus (AV) and Host Based Intrusion Prevention (HIPS) Experience in monitoring at least one commercial AV solution such as (but not limited to) Carbon Black, CrowdStrike, McAfee/Intel, Symantec, Sophos or Trend Micro Ability to identify common false positives and make suggestions on tuning Malware, Denial of Service Attacks, Brute force attacks Understanding of base malware propagation and attack vectors Propagation of malware in enterprise environments Experience with malware protection tools such as FireEye a plus. Understanding of malware mitigation controls in an enterprise environment. Network Based Attacks / System Based Attacks Familiarity with vulnerability scoring systems such as CVSS Basic understanding of vulnerability assessment tools such as vulnerability scanners and exploitation frameworks Eligibility to obtain security clearance Shift flexibility, including the ability to provide on call support when needed Ability to work greater than 40 hours per week as needed This role is Work from Office role What you can expect from Optiv A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups . Work/life balance Professional training resources Creative problem-solving and the ability to tackle unique, complex projects Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities. The ability and technology necessary to productively work remotely/from home (where applicable) EEO Statement Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law. Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice . If you sign up to receive notifications of job postings, you may unsubscribe at any time.

The Associate Engineer - Security Automation/SOAR will be responsible for updating customer work requests and following operating procedures to perform AFC support tasks including health checks, reporting, work ticket acknowledgment and assignment, basic troubleshooting and other tasks as required for AFC service health and operation. The Associate Engineer will contribute to the development of knowledge base and troubleshooting information to expand the efficiency and performance of AFC services. This role requires the ability to develop skills on multiple security products and work closely with the staff of higher tiers, Service Delivery, and clients to provide ongoing communication of status and timely response to deliverables. How you'll make an impact: Hands on opportunity of implementation and development of SOAR solutions like Swimlane, Cortex XSOAR, Tines, devo, Exabeam SOAR, Splunk SOAR etc The primary purpose of this role is to act as the orchestration strategist in identifying incident response activity where mitigating controls would be automated. Identify mitigating controls through repetitive manual processes within the SOC Analyst community that complies with client security policy and industry best practices In concert with Senior Developers , within the "Proactive Hunting" process, translate complex, and non-complex Incident Response event patterns into an automated process mitigating control In coordination with SOC Operations, Service Delivery Manager, and Application Development Engineers, produce the requirements necessary to translate manual Incident Response events into automated mitigating controls using several industry standard platforms, research patterns to gain decision making criteria, and coding languages. What we're looking for: BE / BTech / ME / MTech/MCA in Computer Science or technology-related degree or equivalent work experience. 1 to 3 years of progressive software development or web development or security automation experience Understanding of security automation and development using opensource technologies Hands-on coding experience in the implementation of complex programming custom workflows. In-depth knowledge of algorithms, data structures, design patterns, and their applications. Solid programming background in Python, NodeJS, TypeScript, JavaScript, or other object-oriented languages. Strong NoSQL database and SQL knowledge including MongoDB, Postgres, or MySQL. Hands-on experience in any one of cloud platforms such as AWS, Azure or GCP and DevOps technologies including Kubernetes, Docker, and Terraform. Experience in an Agile DevOps engineering environment that effectively uses CI/CD pipelines (Jenkins, GitLab, Github). Experience on SOAR tools like Swimlane, Splunk SOAR, XSOAR is good to have. The candidate will most likely have spent time in every role of the SOC Operations, operating model Understand the computational decision making process in automating complex scenarios Strong collaboration skills that in turn translates efficient processes into automated decision making functions and determinations through the use of a wide range of industry standard platforms, data mining strategies, and investigative tools Excellent written and oral communicating skills Unrivalled ability to work with highly complex, technical individuals to translate computing technology into everyday communication topics Ability to explain highly technical standards, and solutions to junior personnel, and senior leadership Comprehend complex data sets, and create own algorithms if necessary to accomplish tasks Experienced in writing requirements documentation for data programming solutions Focus is developing automation scripts to interconnect security systems using a proprietary platform that uses python code to configure automation actions Security background preferred Experience in REST APIs, Data storage What you can expect from Optiv A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups . Work/life balance Professional training resources Creative problem-solving and the ability to tackle unique, complex projects Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities. The ability and technology necessary to productively work remotely/from home (where applicable) EEO Statement Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law. Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice . If you sign up to receive notifications of job postings, you may unsubscribe at any time.

GCP Infrastructure Lead Location: Bangalore, Pune Exp: 6+ Years Responsibilities: 5+ years of demonstrated relevant experience deploying and supporting public cloud Infrastructure (GCP as primary) IaaS and PaaS. Experience in configuring and managing the GCP infrastructure environment components Foundation components – Networking (VPC, VPN, Interconnect, Firewall and Routes), IAM, Folder Structure, Organization Policy, VPC Service Control, Security Command Center etc. Application Components - BigQuery, Cloud Composer, Cloud Storage, Google Kubernetes Engine (GKE), Compute Engine, Cloud SQL, Cloud Monitoring, Dataproc, Data Fusion, Big Table, Dataflow etc. Design and implement Identity and Access Management (IAM) policies, custom roles, and service accounts across GCP projects and organizations. Implement and maintain Workload Identity Federation, IAM Conditions, and least-privilege access models. Integrate Google Cloud audit logs, access logs, and security logs with enterprise SIEM tools (e.g., Splunk, Chronicle, QRadar, or Exabeam). Configure Cloud Logging, Cloud Audit Logs, and Pub/Sub pipelines for log export to SIEM. Collaborate with the Security Operations Center (SOC) to define alerting rules and dashboards based on IAM events and anomalies. Participate in threat modeling and incident response planning involving IAM and access events. Maintain compliance with regulatory and internal security standards (e.g., CIS GCP Benchmark, NIST, ISO 27001). Monitor and report on IAM posture, access drift, and misconfigurations. Support periodic access reviews and identity governance requirements. Required Skills and Abilities: Mandatory Skills – GCP Networking (VPC, Firewall, Routes & VPN),CI/CD Pipelines, Terraform, Shell Scripting/Python Scripting Secondary Skills – Composer, BigQuery, GKE, Dataproc Good To Have - Certifications in any of the following: GCP Professional Cloud Architect, Cloud Devops Engineer, Cloud Security Engineer, Cloud Network Engineer Participate in incident discussions and work with the Team towards resolving platform issues. Good verbal and written communication skills. Ability to communicate with customers, developers, and other stakeholders. Mentor and guide team members Good Presentation skills Strong Team Player About Us: We are a global Leader in the Data Warehouse Migration and Modernization to the Cloud, we empower businesses by migrating their Data/Workload/ETL/Analytics to the Cloud by leveraging Automation. We have our own products! Eagle – Data warehouse Assessment & Migration Planning Product Raven – Automated Workload Conversion Product Pelican – Automated Data Validation Product, which helps automate and accelerate data migration to the cloud.

Description About Exabeam Exabeam is a global cybersecurity leader that delivers AI-driven security operations. High-integrity data ingestion, powerful analytics, and workflow automation power the industry’s most advanced self-managed and cloud-native platform for threat detection, investigation, and response (TDIR). With a legacy rooted in SIEM, UEBA, and AI innovation, Exabeam empowers security teams around the world to combat threats, mitigate risk, and streamline operations. Learn more at www.exabeam.com. Position Summary We are seeking a data-driven and collaborative Program Manager to join our Global Partner Program Office. This role will focus on partner performance analytics, retention strategies, and program compliance. The ideal candidate will have experience in channel operations, strong analytical skills, and a passion for optimizing partner engagement and success. This role will report to the Sr Director of Global Channel Programs. Key Responsibilities Performance & Analytics Develop and maintain partner performance dashboards and scorecards. Analyze partner data to identify trends, opportunities, and areas for improvement. Collaborate with cross-functional teams to implement data-driven strategies for partner growth and retention. Partner Retention & Engagement Design and execute partner retention programs and initiatives. Monitor partner satisfaction and address concerns proactively. Facilitate regular communication and feedback loops with partners. Ensure adherence to partner program policies and guidelines. Manage deal registration processes and track MDF ROI. Support the development and maintenance of partner portals and tools. Program Compliance & Operations Ensure adherence to partner program policies and guidelines. Manage deal registration processes and track MDF ROI. Support the development and maintenance of partner portals and tools. Ensure adherence to contractual obligations, including compliance with program guidelines, certifications, and reporting requirements. Track partner performance against contractual terms to identify underperformance or breaches. Maintain partner compliance dashboards and audit trails. Support partner promotion processes based on performance metrics, certification levels, and strategic alignment. Participate in the partner deauthorization process, including documentation and communication, where necessary. Requirements Bachelor’s degree in Business, Computer Science, or related field. 3+ years of experience in program management, channel operations, or related roles. Strong analytical and problem-solving skills. Proficiency in data visualization tools and CRM systems. Excellent communication and interpersonal skills. Ability to work independently and collaboratively in a fast-paced environment. Bring your Whole Self to Work! Diversity, equity, and inclusion are at the core of who we are. At Exabeam, we know that diverse perspectives spark innovation, improve creativity, and position our team for success. Creating a culture where all are welcomed, valued, and empowered to achieve their full potential is important to who we are today and in the future. We hire the best of the best and do not discriminate based on race, gender, age, religion, sexual orientation, identity, or other personal factors. Exabeam and LogRhythm have merged. You can learn more about our cybersecurity powerhouse here .

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. Staff (CTM – Threat Detection & Response) KEY Capabilities: Experience in working with Splunk Enterprise, Splunk Enterprise Security & Splunk UEBA Minimum of Splunk Power User Certification Good knowledge in programming or Scripting languages such as Python (preferred), JavaScript (preferred), Bash, PowerShell, Bash, etc Assist in remote and on-site gap assessment of the SIEM solution. Work on defined evaluation criteria & approach based on the Client requirement & scope factoring industry best practices & regulations Assist in interview with stakeholders, review documents (SOPs, Architecture diagrams etc) Asist in evaluating SIEM based on the defined criteria and prepare audit reports Good experience in providing consulting to customers during the testing, evaluation, pilot, production and training phases to ensure a successful deployment. Experience in onboarding data into Splunk from various sources including unsupported (in-house built) by creating custom parsers Verification of data of log sources in the SIEM, following the Common Information Model (CIM) Experience in parsing and masking of data prior to ingestion in SIEM Provide support for the data collection, processing, analysis and operational reporting systems including planning, installation, configuration, testing, troubleshooting and problem resolution Assist clients to fully optimize the SIEM system capabilities as well as the audit and logging features of the event log sources Assist client with technical guidance to configure their log sources (in-scope) to be integrated to the SIEM Experience in SIEM content development which includes : Hands-on experience in development and customization of Splunk Apps & Add-Ons Builds advanced visualizations (Interactive Drilldown, Glass tables etc) Build and integrate contextual data into notable events Experience in creating use cases under Cyber kill chain and MITRE attack framework Capability in developing advanced dashboards (with CSS, JavaScript, HTML, XML) and reports that can provide near real time visibility into the performance of client applications. Sound knowledge in configuration of Alerts and Reports. Good exposure in automatic lookup, data models and creating complex SPL queries. Create, modify and tune the SIEM rules to adjust the specifications of alerts and incidents to meet client requirement Experience in creating custom commands, custom alert action, adaptive response actions etc Qualification & experience: Minimum of 3 years’ experience in Splunk and 3 to 5 years of overall experience with knowledge in Operating System and basic network technologies Experience in SOC as L1/L2 Analyst will be an added advantage Strong oral, written and listening skills are an essential component to effective consulting. Good to have knowledge of Vulnerability Management, Windows Domains, trusts, GPOs, server roles, Windows security policies, user administration, Linux security and troubleshooting Certification in any other SIEM Solution such as IBM QRadar, Exabeam, Securonix will be an added advantage Certifications in a core security related discipline (CEH, Security+, etc) will be an added advantage. EY | Building a better working world EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate. Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.