Salary: £56,000 - 73,000 per year
Requirements
- Strong hands-on experience with Cribl Stream
- Strong hands-on experience with Cribl Search
- Strong hands-on experience with Cribl Edge
- Cribl Lake experience is desirable
- Experience building and managing large-scale data pipelines
- Strong understanding of data routing, filtering, enrichment, and transformation
- Experience with Splunk, Microsoft Sentinel, Elastic Stack, and Datadog
- Experience with SIEM platforms
- Understanding of SOC operations and security monitoring requirements
- Experience onboarding security log sources
- Strong log analysis and troubleshooting skills
- Experience with structured and unstructured data
- Knowledge of JSON, Syslog, REST APIs, and common log formats
- Experience developing dashboards and reporting solutions
- Azure and/or AWS experience
- Understanding of Windows and Linux environments
- Networking fundamentals including TCP/IP, DNS, SSL/TLS, and load balancing
- Python, PowerShell, and Bash/Shell scripting experience
- API integration and automation experience
- Financial services or investment banking experience is desirable
- Experience on large-scale observability or cyber transformation programmes is desirable
- Experience with OpenTelemetry is desirable
- Experience with Infrastructure as Code, such as Terraform, is desirable
- Experience with Kubernetes and containerised environments is desirable
- Exposure to DevOps and CI/CD pipelines is desirable
- Strong analytical and problem-solving skills
- Excellent stakeholder management and communication skills
- Ability to work independently within complex enterprise environments
- Strong documentation and reporting skills
- Collaborative approach with cross-functional technical teams
Responsibilities
- Design, deploy, and manage Cribl data pipelines across enterprise environments
- Configure and support Cribl Stream, including data collection, transformation, filtering, enrichment, masking, and routing
- Optimise telemetry ingestion into SIEM and observability platforms
- Implement data reduction strategies to improve platform efficiency and reduce licensing costs
- Develop and maintain data parsing, normalisation, and enrichment processes
- Support integration with security and monitoring platforms such as Splunk, Microsoft Sentinel, Elastic, and Datadog
- Troubleshoot data ingestion, routing, and pipeline performance issues
- Work with Security Operations teams to ensure required log sources are onboarded and monitored
- Support cloud and hybrid environments including Azure, AWS, and on-premises infrastructure
- Create dashboards, reports, and analytics to support operational and security use cases
- Document solutions, operational procedures, and technical designs
- Participate in change management, testing, and production deployments
- Provide technical guidance and knowledge transfer to operational teams
Technologies
- API
- AWS
- Azure
- Bash
- CI/CD
- Cloud
- Datadog
- DevOps
- Support
- JSON
- Kubernetes
- Linux
- Load Balancing
- OpenTelemetry
- PowerShell
- Python
- REST
- Security
- Splunk
- TCP/IP
- Terraform
- Windows
More
We are supporting a leading financial services organisation in London seeking an experienced Cribl Data Analytics Engineer to join a large-scale Cyber Security and Observability programme. This is a 12-month contract role based in London with a hybrid working model of 4 days per week onsite, offered inside IR35 and starting as soon as possible. The successful candidate will work closely with Cyber Security, SOC, Infrastructure, Cloud, Data Engineering, and Application teams to improve data visibility, reduce SIEM costs, and enhance security monitoring capabilities.