3 Log Ingestion Jobs

Are you ready to power the world's connections If you don't think you meet all of the criteria below but are still interested in the job, please apply. Nobody checks every box - we're looking for candidates who are particularly strong in a few areas and have some interest and capabilities in others. Design, develop, and maintain microservices that power Kong Konnect, the Service Connectivity Platform. Working closely with Product Management and teams across Engineering, you will develop software that has a direct impact on our customers" business and Kong's success. This opportunity is hybrid (Bangalore Based) with 3 days in the office and 2 days work from home. Implement, and maintain services that power high bandwidth logging and tracing services for our cloud platform such as indexing and searching logs and traces of API requests powered by Kong Gateway and Kuma Service Mesh. Implement efficient solutions at scale using distributed and multi-tenant cloud storage and streaming systems. Implement cloud systems that are resilient to regional and zonal outages. Participate in an on-call rotation to support services in production, ensuring high performance and reliability. Write and maintain automated tests to ensure code integrity and prevent regressions. Mentor other team members. Undertake additional tasks as assigned by the manager. 5+ years working in a team to develop, deliver, and maintain complex software solutions. Experience in log ingestion, indexing, and search at scale. Excellent verbal and written communication skills. Proficiency with OpenSearch/Elasticsearch and other full-text search engines. Experience with streaming platforms such as Kafka, AWS Kinesis, etc. Operational experience in running large-scale, high-performance internet services, including on-call responsibilities. Experience with JVM and languages such as Java and Scala. Experience with AWS and cloud platforms for SaaS teams. Experience designing, prototyping, building, monitoring, and debugging microservices architectures and distributed systems. Understanding of cloud-native systems like Kubernetes, Gitops, and Terraform. Bachelors or Masters degree in Computer Science. Bonus points if you have experience with columnar stores like Druid/Clickhouse/Pinot, working on new products/startups, contributing to Open Source Software projects, or working or developing L4/L7 proxies such as Nginx, HA-proxy, Envoy, etc. Kong is THE cloud native API platform with the fastest, most adopted API gateway in the world (over 300m downloads!). Loved by developers and trusted with enterprises" most critical traffic volumes, Kong helps startups and Fortune 500 companies build with confidence allowing them to bring solutions to market faster with API and service connectivity that scales easily and securely. 83% of web traffic today is API calls! APIs are the connective tissue of the cloud and the underlying technology that allows software to talk and interact with one another. Therefore, we believe that APIs act as the nervous system of the cloud. Our audacious mission is to build the nervous system that will safely and reliably connect all of humankind! For more information about Kong, please visit konghq.com or follow @thekonginc on Twitter.,

Job Role : Cyber Security Engineer--Work From Office Experience : 4 to 8 Yrs Key Skills: Security tools integration and management, Log ingestion, writing rules and polices in SIEM tool, USE case Creation Notice Period : 0 to 30 days Should be willing to work in Second shift Company: Cyber Towers, Quadrant 3, 3rd floor, Madhapur, Hyderabad -- 500081. Job Overview: Analyze and recommend improvements to network, system, and application architectures to enhance security. Research, design, and implement cybersecurity solutions that protect the organizations systems and products. Collaborate with DevOps, Platform Engineering, and Architecture teams to ensure security is embedded in the design and development of applications and systems. Actively participate in the change management process, ensuring security considerations are prioritized in system upgrades and modifications. Design and deploy automated security controls to improve efficiency in risk identification, configuration management, and security assessments. Develop and refine security policies to address cloud security misconfigurations, leveraging cloud-native security technologies. Implement logging and monitoring solutions for cloud environments to enhance SOC team capabilities in detecting and responding to security incidents. Assess and review emerging technologies to identify potential security risks and implement mitigation strategies. Design and deploy innovative security technologies to address evolving security challenges. Conduct vulnerability scanning, anomaly detection, and risk assessment to enhance the security posture. Work closely with security architects to develop and deploy security solutions that address cloud-specific risks. Take ownership of security posture improvements, ensuring strict security policies and controls align with business objectives. Research and stay up to date on emerging security threats and provide strategic recommendations to strengthen security defenses. Qualifications & experience: Hands-on experience with implementing security controls, including Database security, Web content filtering, Anomaly detection & response, Vulnerability scanning & management Proficiency in at least one scripting language (e.g., Perl, Python, PowerShell, Bash) for automation and security tooling. Expertise in at least one of the following security domains: Cloud-native security (e.g., IAM, security groups, encryption), Endpoint security (e.g., EDR/XDR, mobile security) Strong familiarity with industry security frameworks and regulations, including: NIST Cybersecurity Framework (CSF) , CIS Controls, HIPAA, GDPR compliance Ability to assess compliance requirements and implement security controls to ensure adherence. Strong problem-solving and analytical skills, with the ability to assess complex security risks and develop mitigation strategies. Excellent communication and interpersonal skills, with the ability to engage both technical and non-technical stakeholders. Proven ability to work independently, manage projects, and contribute as an integral part of a high-performing security team.

Job Summary: We are looking for a skilled Microsoft Sentinel SIEM Engineer to join our Cybersecurity Operations team. The ideal candidate will be responsible for the deployment, configuration, integration, and operational support of Microsoft Sentinel as a core SIEM platform, ensuring efficient threat detection, incident response, and security monitoring. Key Responsibilities: Design, implement, and manage Microsoft Sentinel for enterprise security monitoring. Develop and maintain analytic rules (KQL-based) and detection use cases aligned with MITRE ATT&CK. Integrate various log sources (on-prem and cloud) including Microsoft 365, Azure, AWS, endpoints, firewalls, etc. Create and manage playbooks using Azure Logic Apps for automated incident response. Monitor data connectors and ensure log ingestion health and optimization. Conduct threat hunting and deep dive analysis using Kusto Query Language (KQL). Optimize performance, cost, and retention policies in Sentinel and Log Analytics workspace. Collaborate with SOC analysts, incident responders, and threat intelligence teams. Participate in use case development, testing, and fine-tuning of alert rules to reduce false positives. Support compliance and audit requirements by producing relevant reports and documentation. Required Skills & Qualifications: 3+ years of experience working with Microsoft Sentinel SIEM. Strong hands-on experience with KQL (Kusto Query Language) . Solid understanding of log ingestion from different sources including Azure, O365, Defender, firewalls, and servers. Experience with Azure Logic Apps for playbook creation and automation. Familiarity with incident response workflows and threat detection methodologies. Knowledge of security frameworks such as MITRE ATT&CK, NIST, or ISO 27001 . Microsoft certifications such as SC-200 (Microsoft Security Operations Analyst) or AZ-500 are preferred. Good to Have: Experience with Defender for Endpoint, Defender for Cloud, Microsoft Purview. Knowledge of other SIEM platforms (e.g., Splunk, QRadar) for hybrid environments. Scripting experience (PowerShell, Python) for automation and integration. Certifications (Preferred but not mandatory): SC-200 : Microsoft Security Operations Analyst AZ-500 : Microsoft Azure Security Technologies CEH , CompTIA Security+ , or equivalent