Cribl Data Modeling Security Engineer - REMOTE (W2 ONLY)

Job Description:

***Only W2 resumes are accepted

Work Location: 100% Remote
Candidate location: No South Carolina residency required. Open to nationwide candidates. All travel-related costs for onsite work will be the responsibility of the resource no matter the frequency of onsite work.

This position will serve as a data modeling Security Engineer focused on cribl ingestion within the dept of administration’s Division of Information Security.  The successful candidate will show extensive experience successfully designing, implementing and maintaining data modeling using cribl for log ingestion in large scale security environments.  this contractor will be working with a large enterprise security team and will assist full-time security architects and engineering staff with the design, implementation and integration of cribl data modeling to enhance technologies and programs.

SUCCESSFUL CANDIDATE:  This contractor will be primarily focused on data modeling cribl pipelines while providing hands-on technical support across multiple security disciplines, including but not limited to SIEM, XDR, Vulnerability Management, Data Loss Prevention (DLP), Security Awareness, endpoint, Linux sensor deployment, and security automation initiatives. The role requires experience in data modeling, information security architecture and solution design to support the strategic planning, design, implementation and continuous improvement of secure systems and services.

MANDATORY SCREENING REQUIREMENTS:  THESE REQUIREMENTS ARE STRICTLY ENFORCED AND NON-NEGOTIABLE.  NO EXCEPTIONS CAN BE GRANTED.  CANDIDATES WHO CANNOT PASS THESE REQUIREMENTS WILL NOT BE ELIGIBLE FOR HIRE.  ALL APPLICANTS MUST SUCCESSFULLY PASS A FULL CREDIT CHECK AND CRIMINAL BACKGROUND CHECK DURING THE INITIAL HIRING PROCESS.  ONCE ONBOARD, THEY MUST OBTAIN AND RETAIN ANNUAL CJIS CERTIFICATION AS PART OF THE ONGOING EMPLOYMENT PROCESS.

DAILY DUTIES / RESPONSIBILITIES:

Preference will be given to a candidate who can occasionally work onsite as needed and perform local administrative tasks withing the state of south carolina.

• Primarily assist in the planning, design, deployment and operational support of enterprise security platforms, including:

CRIBL data modeling and log pipeline ingestion

Security information and event management (SIEM)

Assist with design and configuration of linux based security sensors and endpoint monitoring tools 

• secondarily Assist in the planning, design, deployment and operational support of enterprise security platforms, including:

Extended Detection and Response (XDR)

Vulnerability Management platforms and processes

Data Loss Prevention (DLP) solutions

Security Awareness and training platforms

• Collaborate with security architects to design and implement enterprise security solutions that align with LEADERSHIP’s business goals, regulatory requirements and organizational risk tolerance.
• Design, deploy and manage countermeasures to address known security threats and contribute to mitigation strategies for emerging threats to enterprise data, systems and services.
• Ensure consistent application of security controls across enterprise infrastructure and applications; validate control effectiveness and recommend improvements.
• Support incident detection and response activities through monitoring, log analysis and reporting.
• Develop technical documentation, implementation guides and standard operating procedures as needed.
• Perform other duties as assigned in support of the Department of Administration’s Division of Information Security. 

Required Skills:

• CRIBL DATA MODELING AND LOG PIPELINE DESIGN AND IMPLEMENTATION.
• Strong understanding of enterprise security architecture and engineering principles.
• Experience implementing and supporting enterprise security tools (SIEM, XDR, Vulnerability Management, DLP, endpoint security).
• Experience developing automation and integrations using scripting languages such as Python and Bash.
• Knowledge of cybersecurity best practices, threat detection, and defensive security strategies.
• Experience with Linux and Windows operating systems, including system hardening and security configuration.
• Understanding of networking concepts, security protocols, and secure system design.

Preferred Skills:

• HANDS-ON CRIBL DATA MODELING EXPERIENCE.
• Hands-on SIEM administration, analysis, and reporting experience.
• Experience building and deploying Linux-based security sensors.
• Familiarity with security frameworks and compliance standards such as NIST CSF, CJIS, IRS 1075, and CMS MARS-E.