Cybersecurity Engineer (Cribl Data Modeling and SIEM Focused) - Fully REMOTE

Daily Duties / Responsibilities:

PREFERENCE WILL BE GIVEN TO A CANDIDATE WHO CAN OCCASIONALLY WORK ONSITE AS NEEDED AND PERFORM LOCAL ADMINISTRATIVE TASKS WITHING THE STATE OF SOUTH CAROLINA.

• PRIMARILY Assist in the planning, design, deployment and operational support of enterprise security platforms, including:

cribl DATA MODELING AND LOG PIPELINE INGESTION

security Information and Event Management (SIEM)

ASSIST WITH DESIGN AND CONFIGURATION OF LINUX BASED SECURITY SENSORS AND ENDPOINT MONITORING TOOLS

• secondarily Assist in the planning, design, deployment and operational support of enterprise security platforms, including:

Extended Detection and Response (XDR)

Vulnerability Management platforms and processes

Data Loss Prevention (DLP) solutions

Security Awareness and training platforms

• Collaborate with security architects to design and implement enterprise security solutions that align with LEADERSHIP's business goals, regulatory requirements and organizational risk tolerance.
• Design, deploy and manage countermeasures to address known security threats and contribute to mitigation strategies for emerging threats to enterprise data, systems and services.
• Ensure consistent application of security controls across enterprise infrastructure and applications; validate control effectiveness and recommend improvements.
• Support incident detection and response activities through monitoring, log analysis and reporting.
• Develop technical documentation, implementation guides and standard operating procedures as needed.
• Perform other duties as assigned in support of the Department of Administration's Division of Information Security.

Required Skills (rank in order of Importance):

• CRIBL DATA MODELING AND LOG PIPELINE DESIGN AND IMPLEMENTATION.
• Strong understanding of enterprise security architecture and engineering principles.
• Experience implementing and supporting enterprise security tools (SIEM, XDR, Vulnerability Management, DLP, endpoint security).
• Experience developing automation and integrations using scripting languages such as Python and Bash.
• Knowledge of cybersecurity best practices, threat detection, and defensive security strategies.

• Experience with Linux and Windows operating systems, including system hardening and security configuration.
• Understanding of networking concepts, security protocols, and secure system design.

Preferred Skills (rank in order of Importance):

• HANDS-ON CRIBL DATA MODELING EXPERIENCE.
• Hands-on SIEM administration, analysis, and reporting experience.
• Experience building and deploying Linux-based security sensors.
• Familiarity with security frameworks and compliance standards such as NIST CSF, CJIS, IRS 1075, and CMS MARS-E.

Required Education/Certifications:

BACHELOR'S DEGREE IN AN

INFORMATION TECHNOLOGY OR

INFORMATION SECURITY RELATED

FIELD

EIGHT YEARS OF RELEVANT WORK

EXPERIENCE MAY BE SUBSTITUTED IN LIEU OF EDUCATION

FIVE YEARS OF EXPERIENCE IN SUPPORTING LARGE IT ENVIRONMENTS AND/OR SYSTEM DEPLOYMENTS

Preferred Education/Certifications:

CISSP

Security+