Cybersecurity Principal Engineering Consultant

cyberani solutions

Posted more than 30 days ago

Experience

7 - 10 years

Job location

Riyadh - Saudi Arabia

Education

Bachelor of Science (Computers)

Nationality

Any nationality

Gender

Not mentioned

Number of vacancies

1 vacancy

Job description

Roles and responsibilities

We are seeking a Cybersecurity Principal Engineer with specialized expertise in log onboarding, parsing, and data engineering within a SIEM environment. The ideal candidate will have deep hands-on experience integrating diverse security data sources, developing normalization strategies, and building reliable ingestion pipelines. A strong understanding of SIEM architecture, system hardening, scripting, and automation is essential.

This role supports security operations by managing the full lifecycle of log data, from onboarding and normalization to enrichment and delivery into detection platforms. You will also contribute to the hardening of systems involved in providing the service and play a key role in onboarding assets and telemetry into a Managed Detection and Response (MDR) service.

Responsibilities:

Log Source Onboarding:

Integrate new log sources into the SIEM, including network, endpoint, identity, and cloud telemetry, ensuring they meet quality and compliance standards.

MDR Onboarding Support:

Facilitate onboarding of systems, assets, and log streams into the MDR platform, ensuring visibility, alert fidelity, and alignment with threat detection use cases.

Parsing & Normalization:

Create and maintain field extractions and parsing logic to ensure logs are properly structured and normalized against common data models.

Automation & Scripting:

Develop scripts and automation tools to streamline onboarding, data transformation, health monitoring, and alert enrichment processes.

Validation & Quality Assurance:

Ensure the integrity, completeness, and performance of ingested log data through automated validation routines and dashboard-driven monitoring.

Architecture & Pipeline Design:

Contribute to the design of scalable and resilient data pipelines, enabling high-throughput ingestion, minimal data loss, and efficient indexing.

Maintenance & Optimization:

Continuously tune ingestion and parsing processes to reduce noise, improve relevance, and enhance the overall performance of log pipelines.

Security Use Case Support:

Collaborate with SOC and threat detection teams to ensure collected data supports active detections, investigations, and compliance needs.

Continuous Enhancement:

Stay current on logging trends, automation frameworks, and detection engineering techniques. Continuously assess and onboard new data sources as security requirements evolve.

Requirements:

Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related field

7+ years of experience with SIEM platforms, log engineering, and security operations support

Leadership skills to lead juniors and enhance team capabilities

Strategic thinking to advise on the department's growth and direction

Project management and planning capabilities

Experience onboarding to MDR or SOC-as-a-Service platforms is a strong plus

Solid understanding of log formats (e.g., syslog, JSON, CEF) and network protocols

Proficiency in scripting (Python, Bash, PowerShell, etc.) for automation and parsing

Familiarity with system hardening techniques and secure configuration standards

Knowledge of endpoint, cloud, identity, and network security telemetry

Experience with automation/orchestration frameworks and security tool integrations

Relevant certifications (SIEM, scripting, or cybersecurity) are a plus

Strong analytical, troubleshooting, and communication skills

Ability to manage priorities and work cross-functionally in a fast-paced environment

