Sorry, that job is no longer available. Here are some results that may be similar to the job you were looking for.

5 jobs found

Cribl Data Analytics Engineer - Hybrid London Contract
Sivara GmbH
Sivara GmbH is seeking an experienced Cribl Data Analytics Engineer to join a leading financial services organisation in London on a 12-month contract. The role involves designing and managing Cribl data pipelines, optimising telemetry ingestion, and enhancing security monitoring capabilities within a hybrid team. The successful candidate will work closely with various teams to improve data visibility and reduce costs. Strong hands-on experience with Cribl tools and a robust understanding of data management are essential.
21/06/2026
Full time
Cribl Data Analytics Engineer
Sivara GmbH
Salary: £56,000 - 73,000 per year

Requirements
  • Strong hands on experience with Cribl Stream
  • Strong hands on experience with Cribl Search
  • Strong hands on experience with Cribl Edge
  • Cribl Lake experience is desirable
  • Experience building and managing large scale data pipelines
  • Strong understanding of data routing, filtering, enrichment, and transformation
  • Experience with Splunk, Microsoft Sentinel, Elastic Stack, and Datadog
  • Experience with SIEM platforms
  • Understanding of SOC operations and security monitoring requirements
  • Experience onboarding security log sources
  • Strong log analysis and troubleshooting skills
  • Experience with structured and unstructured data
  • Knowledge of JSON, Syslog, REST APIs, and common log formats
  • Experience developing dashboards and reporting solutions
  • Azure and/or AWS experience
  • Understanding of Windows and Linux environments
  • Networking fundamentals including TCP/IP, DNS, SSL/TLS, and load balancing
  • Python, PowerShell, and Bash/Shell scripting experience
  • API integration and automation experience
  • Financial services or investment banking experience is desirable
  • Experience on large scale observability or cyber transformation programmes is desirable
  • Experience with OpenTelemetry is desirable
  • Experience with Infrastructure as Code, such as Terraform, is desirable
  • Experience with Kubernetes and containerised environments is desirable
  • Exposure to DevOps and CI/CD pipelines is desirable
  • Strong analytical and problem solving skills
  • Excellent stakeholder management and communication skills
  • Ability to work independently within complex enterprise environments
  • Strong documentation and reporting skills
  • Collaborative approach with cross functional technical teams

Responsibilities
  • Design, deploy, and manage Cribl data pipelines across enterprise environments
  • Configure and support Cribl Stream, including data collection, transformation, filtering, enrichment, masking, and routing
  • Optimise telemetry ingestion into SIEM and observability platforms
  • Implement data reduction strategies to improve platform efficiency and reduce licensing costs
  • Develop and maintain data parsing, normalisation, and enrichment processes
  • Support integration with security and monitoring platforms such as Splunk, Microsoft Sentinel, Elastic, and Datadog
  • Troubleshoot data ingestion, routing, and pipeline performance issues
  • Work with Security Operations teams to ensure required log sources are onboarded and monitored
  • Support cloud and hybrid environments including Azure, AWS, and on premises infrastructure
  • Create dashboards, reports, and analytics to support operational and security use cases
  • Document solutions, operational procedures, and technical designs
  • Participate in change management, testing, and production deployments
  • Provide technical guidance and knowledge transfer to operational teams

Technologies: API, AWS, Azure, Bash, CI/CD, Cloud, Datadog, DevOps Support, JSON, Kubernetes, Linux, Load Balancing, OpenTelemetry, PowerShell, Python, REST, Security, Splunk, TCP/IP, Terraform, Windows

We are supporting a leading financial services organisation in London seeking an experienced Cribl Data Analytics Engineer to join a large scale Cyber Security and Observability programme. This is a 12 month contract role based in London with a hybrid working model of 4 days per week onsite, offered inside IR35 and starting as soon as possible. The successful candidate will work closely with Cyber Security, SOC, Infrastructure, Cloud, Data Engineering, and Application teams to improve data visibility, reduce SIEM costs, and enhance security monitoring capabilities.
21/06/2026
Full time
Logs Specialist
Dynatrace LLC Maidenhead, Berkshire
Dynatrace is seeking a results-driven Log Management Domain Specialist to serve as the primary domain authority for our Log Management solution. This is a high-impact, domain role designed to drive the successful adoption, consumption, and displacement of legacy log tools. You will partner with our Global Sales organization to demonstrate the unique value of the Dynatrace Grail™ data lakehouse, helping customers transition from high-cost, fragmented logging silos to a unified, AI-powered observability platform.

Core Responsibilities
  • Domain Expertise: Act as the domain "subject matter expert" (SME) for Logs, staying ahead of industry trends like OpenTelemetry (OTel), log pipelines (Cribl/BindPlane), and cloud-native logging (CloudWatch/Stackdriver). Articulate the architectural superiority of Dynatrace Grail, specifically how its schema-on-read and index-less storage solve the "cardinality explosion" of modern logs.
  • Competitive Execution: Partner with Account Executives/SEs to identify and execute displacement plays against legacy incumbents. Lead high-stakes Proof of Concepts (POCs) that drive Logs consumption and prove ROI by reducing data ingest costs while increasing troubleshooting speed. Build "Economic Value" models that show customers how to optimize their SaaS consumption and maximize their Dynatrace investment.
  • Solution Architecture: Expertise in architecting resilient, vendor neutral log ingestion frameworks utilizing Fluentd, Logstash, and OpenTelemetry Collector pipelines, etc. Help customers navigate complex log-routing scenarios, ensuring high-value data is prioritized for analytics while low-value data is archived cost-effectively.
  • Consumption Advocacy: Identify "consumption bottlenecks" within existing accounts and proactively provide technical guidance to unlock more log data volume and user adoption. Conduct "Best Practice" workshops focused on log-based alerting, DQL (Dynatrace Query Language) proficiency, and dashboarding.

What will help you succeed

Qualifications & Requirements
  • Experience: 5+ years in a domain, specialist, pre-sales, professional services, or SRE role, with at least 3 years specifically focused on Log Management or Big Data analytics.
  • Technical Depth: Advanced proficiency in Query Languages (e.g., Splunk SPL, Kusto QL, SQL, or Lucene). Deep understanding of Log Ingestion pipelines and "Telemetry Pipelines" (Cribl, BindPlane, Vector). Hands-on experience with Kubernetes, OpenShift, and Serverless logging patterns.
  • Cloud & DevOps: Strong knowledge of AWS, Azure, or GCP logging ecosystems and automation tools like Terraform or Ansible.
  • Business Acumen: Ability to translate "bits and bytes" into "dollars and cents", explaining how log management impacts MTTR and operational overhead.
  • Education: Bachelor's degree in Computer Science, Engineering, or equivalent practical experience.
  • Hands on exposure to modern observability pipelines, including Cribl solutions or OpenTelemetry logging specifications.
  • Familiarity with the Cribl ecosystem or OpenTelemetry logging specs.
  • Experience with scripting (Python, Go, or Bash) for log transformation and data cleanup.

Why you will love being a Dynatracer
Dynatrace is a leader in unified observability and security. We provide a culture of excellence with competitive compensation packages designed to recognize and reward performance. Our employees work with the largest cloud providers, including AWS, Microsoft, and Google Cloud, and other leading partners worldwide to create strategic alliances. The Dynatrace platform uses cutting-edge technologies, including our own Davis hypermodal AI, to help our customers modernize and automate cloud operations, deliver software faster and more securely, and enable flawless digital experiences. Over 50% of the Fortune 100 companies are current customers of Dynatrace.

Note to Recruiters and Agencies: Thank you for your interest in Dynatrace. Please note that we do not accept unsolicited agency resumes; do not forward them via our website or directly to Dynatrace employees. Dynatrace will not pay fees for unsolicited resumes, and any resumes received this way will be considered the property of Dynatrace.

Benefits and work-life perks
We offer best-in-class core rewards, including paid time off, financial security benefits, retirement savings plans, and health insurance. Beyond that, you'll get other benefits and work-life perks designed to make your ride with us even more rewarding.
  • Mental health support: Our Employee Assistance Program, powered by Telus Health, offers support for you and your family members.
  • Wellness Days: Four company-designated extra paid days off for you to recharge batteries.
  • Flexibility: Our hybrid working model and flexible working hours offer you the flexibility you need.
  • Employee Stock Purchase Plan: Purchase company stock (NYSE:DT) at a discounted price and become a shareholder.
  • Learn & develop: Company-wide learning perks, designated team's learning days, and more.
  • Volunteering day: A day of paid volunteer time to support a community or cause you care about.
  • Regular team events: We host Global Culture Parties, Family & Friends at Work Day, Global Breakfasts, Green Weeks, Pride Month, and beyond!
  • International vibe: Most of our offices and teams are proudly multicultural. English is our shared language, but we embrace and learn from each other's cultures.
Rewards vary depending on your employment type. Some benefits and perks also differ by location - explore your city to see what's available there.

About Dynatrace
Dynatrace (NYSE: DT) is the leading AI-powered observability and security platform. We're advancing observability for today's digital businesses, helping transform modern digital ecosystems' complexity into powerful business assets. Our AI-driven insights cut through the noise, allowing customers to focus on what truly matters by automating manual tasks and resolving issues with pinpoint accuracy. Dynatrace offers simplicity, clarity, and reliability at scale to ensure teams can make informed decisions, minimize downtime, and drive their business forward with confidence.
13/06/2026
Full time
SS7 Monitoring Specialist Newbury, United Kingdom Cyber Security Operations Centre Posted 3 hou ...
Vodafone Group Plc Newbury, Berkshire
SS7 Monitoring Specialist
Newbury, United Kingdom
Requisition ID: 283614
Date posted: 06/04/2026

Join Us
At Vodafone, we're not just shaping the future of connectivity for our customers - we're shaping the future for everyone who joins our team. When you work with us, you're part of a global mission to connect people, solve complex challenges, and create a sustainable and more inclusive world. If you want to grow your career whilst finding the perfect balance between work and life, Vodafone offers the opportunities to help you belong and make a real impact.

What you'll do
Cyber Defence Operations (CDO) is Vodafone Group's Cyber Defence Operations Centre of Excellence. CDO's mission is to protect Vodafone customers against global cyber risk. CDO is specifically accountable for delivering:
  • Cyber Defence operational leadership across Vodafone.
  • Cyber Defence operational capabilities to Vodafone Group, the Local Market Operating Companies, and Partner Markets to enhance Vodafone's global cyber defence posture and reduce its cyber risk.

The is accountable for providing advanced operational defence against signalling based threats impacting Vodafone's telecommunications networks. The role specialises in monitoring, analysing, detecting, and responding to security events across SS7, Diameter and GTP-C using Signalling Firewalls and Signalling Intrusion Detection Systems.

As an escalation point for complex signalling incidents, the role leads investigations through deep protocol analysis, telemetry interrogation and advanced analytics while also owning continuous improvement of playbooks, dashboards, and operational processes. Additionally, the role collaborates with global Vodafone Cyber Security teams, including CERT and Incident Management, to support major incident investigations and cross functional initiatives.

  • Define, maintain and continuously improve Cyber Defence playbooks for SigFW related events.
  • Develop clear and actionable incident reporting to support effective prioritisation, escalation and decision making.
  • Support development and production integration of Signalling Intrusion Detection Systems (SigIDS).
  • Design and maintain operational dashboards and analytics to improve signalling security situational awareness.
  • Perform continuous monitoring and triage of signalling security events in line with defined severity and escalation criteria.
  • Lead the analysis of unusual signalling patterns, behaviours and anomalies within the network, identifying potential SS7/Diameter abuse and responding to threats before network impact occurs.
  • Analyse known and emerging signalling attack techniques (e.g. interception, location tracking, routing manipulation, fraud enablement) and translate these into effective detection logic, analytics and investigative guidance.
  • Maintain expert knowledge of SS7/Diameter abuse patterns and translate this into detection logic, alerts and investigative guidance.
  • Feed lessons learned from incidents and intelligence back into preventative controls, dashboards and playbooks.
  • Raise and manage incident and remediation tickets (e.g. Remedy).
  • Manage enrichment of signalling telemetry (e.g. via Cribl coordinated through GitHub Enterprise).
  • Consume telecom specific threat intelligence and integrate insights into SigFW/SigIDS detections, playbooks and operational workflows.
  • Identify control gaps and propose enhancements to detection logic, SigFW policies and operational procedures to improve signalling security posture.
  • Act as a technical liaison between Cyber Defence and Network Engineering to influence signalling security policy, control design and operational effectiveness.
  • Brief internal and external stakeholders including NCSC, NSIE and Ofcom where required.
  • Evaluate and optimise signalling security tooling to ensure effective defence against evolving threats and emerging attack techniques.
  • Continuously work to stabilize the process and procedures.
  • Security Reporting and Advisories - take part in and may drive the delivery of signalling security reports and advisories to all key stakeholders.

Who you are
  • Strong willingness to learn and adapt to new tools, technologies and emerging signalling threats in a fast moving security environment.
  • Open minded, collaborative and comfortable working across technical and operational teams.
  • Demonstrates resilience, curiosity and a positive attitude when operating in high pressure incident environments.
  • Experience with telecommunications signalling protocols (SS7, Diameter, GTP-C) or strong willingness to rapidly develop expertise in this area.
  • Strong analytical capability across large signalling telemetry datasets to identify anomalies, abuse patterns and emerging threats.
  • Experience working within an operational Cyber Defence or SOC environment, including incident triage and escalation.
  • Hands on experience in security event analysis and incident response, particularly within network or telecoms contexts.
  • Experience using security analytics and monitoring platforms such as Dynatrace, Splunk, Google SecOps and Tableau.
  • Understanding of telemetry pipelines, log enrichment, and data quality considerations (e.g. Syslog, Cribl or similar).
  • Ability to communicate complex technical findings clearly to both technical and non technical stakeholders.
  • Excellent verbal and written communication skills with the ability to articulate complex technical concepts clearly and concisely.
  • Highly disciplined and motivated, able to work independently, under direction or collaboratively as part of a wider team.
  • Strong understanding of security threats and abuse patterns relevant to telecommunications networks and signalling environments.
  • Bachelor's degree in cyber security, Information Technology, Telecommunications Engineering, or a related field or equivalent professional experience.
  • Working towards, or willingness to obtain, relevant professional certifications in areas such as network security, security analytics, intrusion detection, or incident response (e.g. GCIA, GNFA, Splunk certifications, cloud security certifications, or equivalent).
  • Equivalent practical experience within telecoms security or signalling focused cyber defence will be considered equally valuable.
  • This role requires eligibility for and willingness to complete UK government security clearance.

Not a perfect fit?
Worried that you don't meet all the desired criteria exactly? At Vodafone we are passionate about empowering people and creating a workplace where everyone can thrive, whatever their personal or professional background. If you're excited about this role but your experience doesn't align exactly with every part of the job description, we encourage you to still apply as you may be the right candidate for this role or another opportunity.

What's in it for you
  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%.
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan

Who we are
We are a leading international Telco, serving millions of customers. At Vodafone, we believe that connectivity is a force for good. If we use it for the things that really matter, it can improve people's lives and the world around us. Through our technology we empower people, connecting everyone regardless of who they are or where they live and we protect the planet, whilst helping our customers do the same.

Belonging at Vodafone isn't a concept; it's lived, breathed, and cultivated through everything we do. You'll be part of a global and diverse community, with many different minds, abilities, backgrounds and cultures. We're committed to increase diversity, ensure equal representation, and make Vodafone a place everyone feels safe, valued and included.

If you require any reasonable adjustments or have an accessibility request as part of your recruitment journey, for example, extended time or breaks in between online assessments, please refer to for guidance.
07/06/2026
Full time
Through our technology we empower people, connecting everyone regardless of who they are or where they live and we protect the planet, whilst helping our customers do the same.Belonging at Vodafone isn't a concept; it's lived, breathed, and cultivated through everything we do. You'll be part of a global and diverse community, with many different minds, abilities, backgrounds and cultures. ;We're committed to increase diversity, ensure equal representation, and make Vodafone a place everyone feels safe, valued and included.If you require any reasonable adjustments or have an accessibility request as part of your recruitment journey, for example, extended time or breaks in between online assessments, please refer to for guidance.
SS7 Monitoring Specialist
Vodafone Group Plc Newbury, Berkshire
Join Us
At Vodafone, we're not just shaping the future of connectivity for our customers - we're shaping the future for everyone who joins our team. When you work with us, you're part of a global mission to connect people, solve complex challenges, and create a sustainable and more inclusive world. If you want to grow your career whilst finding the perfect balance between work and life, Vodafone offers the opportunities to help you belong and make a real impact.

What you'll do
Cyber Defence Operations (CDO) is Vodafone Group's Cyber Defence Operations Centre of Excellence. CDO's mission is to protect Vodafone customers against global cyber risk. CDO is specifically accountable for delivering:
  • Cyber Defence operational leadership across Vodafone.
  • Cyber Defence operational capabilities to Vodafone Group, the Local Market Operating Companies, and Partner Markets to enhance Vodafone's global cyber defence posture and reduce its cyber risk.

The role is accountable for providing advanced operational defence against signalling based threats impacting Vodafone's telecommunications networks. The role specialises in monitoring, analysing, detecting, and responding to security events across SS7, Diameter and GTP-C using Signalling Firewalls and Signalling Intrusion Detection Systems.

As an escalation point for complex signalling incidents, the role leads investigations through deep protocol analysis, telemetry interrogation and advanced analytics while also owning continuous improvement of playbooks, dashboards, and operational processes. Additionally, the role collaborates with global Vodafone Cyber Security teams, including CERT and Incident Management, to support major incident investigations and cross functional initiatives.

  • Define, maintain and continuously improve Cyber Defence playbooks for SigFW related events.
  • Develop clear and actionable incident reporting to support effective prioritisation, escalation and decision making.
  • Support development and production integration of Signalling Intrusion Detection Systems (SigIDS).
  • Design and maintain operational dashboards and analytics to improve signalling security situational awareness.
  • Perform continuous monitoring and triage of signalling security events in line with defined severity and escalation criteria.
  • Lead the analysis of unusual signalling patterns, behaviours and anomalies within the network, identifying potential SS7/Diameter abuse and responding to threats before network impact occurs.
  • Analyse known and emerging signalling attack techniques (e.g. interception, location tracking, routing manipulation, fraud enablement) and translate these into effective detection logic, analytics and investigative guidance.
  • Maintain expert knowledge of SS7/Diameter abuse patterns and translate this into detection logic, alerts and investigative guidance.
  • Feed lessons learned from incidents and intelligence back into preventative controls, dashboards and playbooks.
  • Raise and manage incident and remediation tickets (e.g. Remedy).
  • Manage enrichment of signalling telemetry (e.g. via Cribl coordinated through GitHub Enterprise).
  • Consume telecom specific threat intelligence and integrate insights into SigFW/SigIDS detections, playbooks and operational workflows.
  • Identify control gaps and propose enhancements to detection logic, SigFW policies and operational procedures to improve signalling security posture.
  • Act as a technical liaison between Cyber Defence and Network Engineering to influence signalling security policy, control design and operational effectiveness.
  • Brief internal and external stakeholders including NCSC, NSIE and Ofcom where required.
  • Evaluate and optimise signalling security tooling to ensure effective defence against evolving threats and emerging attack techniques.
  • Continuously work to stabilise the process and procedures.
  • Security Reporting and Advisories - take part in and may drive the delivery of signalling security reports and advisories to all key stakeholders.

Who you are
  • Strong willingness to learn and adapt to new tools, technologies and emerging signalling threats in a fast moving security environment.
  • Open minded, collaborative and comfortable working across technical and operational teams.
  • Demonstrates resilience, curiosity and a positive attitude when operating in high pressure incident environments.
  • Experience with telecommunications signalling protocols (SS7, Diameter, GTP-C) or strong willingness to rapidly develop expertise in this area.
  • Strong analytical capability across large signalling telemetry datasets to identify anomalies, abuse patterns and emerging threats.
  • Experience working within an operational Cyber Defence or SOC environment, including incident triage and escalation.
  • Hands on experience in security event analysis and incident response, particularly within network or telecoms contexts.
  • Experience using security analytics and monitoring platforms such as Dynatrace, Splunk, Google SecOps and Tableau.
  • Understanding of telemetry pipelines, log enrichment, and data quality considerations (e.g. Syslog, Cribl or similar).
  • Ability to communicate complex technical findings clearly to both technical and non technical stakeholders.
  • Excellent verbal and written communication skills with the ability to articulate complex technical concepts clearly and concisely.
  • Highly disciplined and motivated, able to work independently, under direction or collaboratively as part of a wider team.
  • Strong understanding of security threats and abuse patterns relevant to telecommunications networks and signalling environments.
  • Bachelor's degree in cyber security, Information Technology, Telecommunications Engineering, or a related field or equivalent professional experience.
  • Working towards, or willingness to obtain, relevant professional certifications in areas such as network security, security analytics, intrusion detection, or incident response (e.g. GCIA, GNFA, Splunk certifications, cloud security certifications, or equivalent).
  • Equivalent practical experience within telecoms security or signalling focused cyber defence will be considered equally valuable.
  • This role requires eligibility for and willingness to complete UK government security clearance.

What's in it for you
  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks - the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%.
  • Access to private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan

Who we are
We are a leading international Telco, serving millions of customers. At Vodafone, we believe that connectivity is a force for good. If we use it for the things that really matter, it can improve people's lives and the world around us. Through our technology we empower people, connecting everyone regardless of who they are or where they live and we protect the planet, whilst helping our customers do the same.
07/06/2026
Full time
