For further inquiries about this opportunity, please contact our Talent Specialist, Ragu at .
Title: Cyber Specialist – Cyber Data Services
Duration: 6 Months with Possible extension/convert for strong performance; not guaranteed.
Location: Onsite at St. Paul, MN
Travel: No regular travel required.
Only W2 candidates are eligible for this position. Third-party or C2C candidates will not be considered.
Job Description:
We are seeking a Cyber Specialist to enable and support internal product teams. This is an internal customer-facing senior role that blends cybersecurity expertise, data-platform enablement, and hands-on onboarding execution.
In this role, you will act as a trusted advisor to internal product, information technology, engineering, and security stakeholders, helping them successfully onboard, access, and operationalize cyber data for security analytics, detection, compliance, operational monitoring, and product security use cases. You will work across enterprise, cloud, IoT, and regulated environments, ensuring cyber data is usable, governed, and aligned to business and security objectives.
This role focuses on cyber data readiness, adoption, and use, and partners closely with detection engineering, event detection, and incident response teams by enabling high-quality, accessible, and well-governed data. Operational detection and response activities remain owned by their respective teams.
Key Responsibilities
Cyber Data Lake Onboarding & Enablement
- Serve as the primary point of contact for internal customers onboarding cyber data into the Cyber Data Lake
- Guide teams on platform capabilities, supported use cases, locales, data residency requirements, connectors, and onboarding prerequisites
- Maintain an inventory of available and in-use connectors for the Cyber Data Lake
- Support technical implementation for batch and streaming ingestion
- Partner with platform and data engineering teams to validate pipelines, schemas, and data quality
- Ensure structured, reusable, and well-governed cyber data onboarded for analytics, detection, and assurance
Internal Customer Support & Data Consumption
- Provide ongoing enablement and support to product, engineering, detection engineering, and security teams
- Assist with queries, reports, analytics, and dashboards using cyber data
- Help internal customers interpret cyber events and telemetry for monitoring, detection tuning, and assurance
- Act as a contact point for onboarding, access, or data-usage issues
- Help teams mature from raw log ingestion to repeatable, value-driven analytics
Support for Detection Engineering & Incident Response Teams
- Enable detection engineering teams with high-quality, consistently structured data suitable for detection development and tuning
- Provide guidance on logging coverage, schemas, and data availability
- Ensure required telemetry is accessible and retained to support investigation and analysis needs
- Serve as a liaison between platform, detection, and response teams to address data gaps
- Partner with incident response teams without performing IR operational activities
Product Security, Compliance & Assurance
- Ensure cyber telemetry supports monitoring, assurance, audit readiness, and compliance reporting
- Advise on cybersecurity data requirements for regulated environments, including applications and platforms supporting medical devices
- Support product security and IoT / connected product telemetry
- Maintain and support RBAC and least-privilege access in the cyber data lake
- Partner with legal, privacy, and compliance teams on regulatory alignment
Governance, Standards & Continuous Improvement
- Develop and maintain onboarding and reporting standards, best practices, and documentation
- Apply project or program coordination practices across onboarding efforts
- Identify and address onboarding anti-patterns such as low-value ingestion or schema drift
- Continuously monitor cyber data feeds for ingestion health, latency, and data quality issues
- Proactively flag intake anomalies that may impact analytics, detection, or compliance use cases
- Contribute to onboarding metrics, usage insights, and improvement initiatives
- Represent cyber data platform perspectives in architecture and governance forums
Required Qualifications
- 4+ years of experience in security analytics or security data platforms
- Experience in a technical, internal customer-facing role
- Strong understanding of cybersecurity logging, events, and telemetry
- Familiarity with Security Information and Event Management (SIEM) and data pipeline technologies and processes
- Hands-on experience with security data lakes, SIEMs, or large-scale telemetry platforms
- Experience with analytics, reporting, or dashboarding on security data
- Understanding of RBAC in shared data environments
- Experience working within global, regulated environments and supporting compliance requirements
- Knowledge of product security including IoT or connected products
- Strong written and verbal communication skills
- Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or equivalent experience.
Top 3 REQUIRED Skills
Required Skill - Tool / Technology /System - Depth - What the candidate must be able to do
- Cyber data/telemetry - Databricks, Splunk - Intermediate- Advanced -Manage ingestion, integrity, and access to cyber data.
- Data lake/platform experience - Databricks(preferred), Snowflake - Intermediate- Advanced - Support data ingestion, pipelines, and ensure quality.
- Stakeholder enablement - NA - Intermediate- Advanced -Work with internal teams, onboard data, communicate effectively.
Preferred Qualifications
- Experience with modern data-lake or lakehouse platforms (e.g., Databricks, Snowflake, BigQuery)
- Experience onboarding cyber or security data at scale
- Experience supporting reporting and dashboarding from data-lake platforms
- Program or project management experience
- Experience working in global or multi-regional environments
- Experience with the cyber regulatory landscape for medical devices
- Relevant certifications such as CISSP, CCSP, cloud security certifications (AWS, Azure, or Google Cloud Platform), or equivalent security and data platform credentials
Top 3 PREFERRED Skills
Preferred Skill - Tool / Technology / System - Value to Role - Willing to Flex
- Modern data platforms - Databricks, Snowflake - Strong advantage - Yes
- Detection engineering exposure -Splunk / SOC tools -Strong advantage - Nice-to-have - Yes
- Project coordination - NA - Strong advantage - Yes
Additional Details
- Education: Bachelor’s preferred; equivalent experience accepted.
- Industry: Medical/pharma not required; regulated environment helpful.
- Systems: Databricks data lake, Splunk, analytics tools.
- Personality: Collaborative, strong communicator, detail-oriented, multitasker.
Interview Process
- Format: Teams video.
- Rounds: Multiple.
- Interviewers: Product cybersecurity + SOC.
- Start date: Target July.
- Scheduling: Limited availability around July 4 week.
Never miss an opportunity! Create an alert based on the job you applied for.
