The Security Data Engineer position is the subject matter expert for our Security Information and Event Management (SIEM) system and leads efforts to aggregate and enrich data for to support our security efforts. Reporting into the Enterprise Security Engineering team, you will engineer new features for our SIEM and detections platform and works with security analysts to understand their needs and builds solutions to enhance their ability to find data and build security detections.

You will onboard new data sources into our SIEM to support security detections. This will encompass, analyzing new data, mapping to a common information model, and optimizing storage. You will inspire creativity in data analytics and data visualizations, explore cloud federated data models, and explore the use of AI to mine data from large data lakes. You will maintain complex data flows that support the SIEM, detections, and automations platforms. Likewise, it will build monitoring systems for the data flows and respond to and troubleshoot problems. You will work with operations staff from across the enterprise to ensure the flow of critical data.

The Security Data Engineer will work on the the security and safety of EA by building the systems that forms the "eyes and ears" of our security. You will solve challenging and complex problems like searching for security anomalies amongst extremely large data sets and correlating them across sources from every corner of the enterprise. You'll work in a dynamic team with a very clear vision and purpose to make a difference in security.

This role is a hybrid role. We would like you to work in our EA office in Guildford 2 days per week

Skillsets:

• At least 5 years experience with basics of security

• Proficient with Splunk Enterprise Security

• Understanding of other SIEM platforms a plus

• The ability to write optimized SPL code

• Understanding of security detections a plus

• Proficient with Linux from an administration standpoint

• Proficient with cloud platforms (AWS, Azure, etc.)

• Familiarity with PowerShell and Python for data transformations • Experience with ETL tools

• Experience with Ruby/Chef is optional

• Experience with awscli or terraform equivalent is helpful

• SOAR experience is beneficial

• Understanding of computer networks