[Remote] Staff Cyber Security Logging Engineer

Note: The job is a remote job and is open to candidates in USA. Jack Henry is a technology company focused on transforming financial services for community banks and credit unions. They are seeking a Staff Cyber Security Logging Engineer to design and implement enterprise logging and data solutions, ensuring optimal configurations and collaborating with various teams to enhance security operations.

Responsibilities

• Design and implementation of enterprise logging and data solutions
• Identifying suboptimal configurations and defining resolution strategies for enterprise logging and data platforms
• Ensuring license, ingest, and cost prevention strategies are developed and applied to all applicable platforms
• Assist with the development and creation of platform roadmaps and life cycle strategies
• Pipeline Architecture: Design, build, and maintain scalable data pipelines to ingest, parse, and normalize security telemetry from diverse sources (Cloud, Endpoint, Network, Identity)
• Data Lifecycle Management: Implement data retention, archiving, and tiering strategies to balance compliance requirements with storage costs
• Health & Performance Monitoring: Develop dashboards and alerts to monitor the latency, throughput, and "heartbeat" of log sources to ensure zero data loss
• Stakeholder Collaboration: Partner with Incident Response (IR) and Detection Engineering teams to ensure they have the right data, in the right format, at the right time
• Contributes to threat prevention by researching, recommending, developing, and implementing changes to security tools across host, network, and cloud environments
• Provides complex troubleshooting and support for cybersecurity-related issues
• Leads and completes assigned cybersecurity-related projects
• Develops and implements standards to apply cybersecurity controls consistent with approved policies
• Leads documentation and process improvement efforts
• Resolves escalated security cases
• Provides assistance and guidance to less experienced team members
• May perform other job duties as assigned

Skills

• Minimum of 9 years of experience in security data observability and management supporting security operations center (SOC) teams or similar
• Minimum 2 years' experience as a Cribl administrator/engineer
• Demonstrable experience with major SIEM/SOAR platforms
• Certified Cribl Engineer is preferred, but will consider formal experience
• Google SecOps experience
• At least one professional level cybersecurity data management certification or similar
• Experience in highly regulated environment or knowledge of PCI-DSS, HIPAA, or GDPR mandates

Benefits

• Comprehensive benefits designed to support your physical, mental, and financial health so you can thrive both personally and professionally

Company Overview