Security Data Architect (SIEM Data Pipeline)
Job Title : Security Data Architect (SIEM Data Pipeline)
Location : (Remote)
Duration : Contract
Job Description:
• Work Required
• Architect scalable, reusable security‑telemetry pipelines using Cribl, NiFi, Vector, and related platforms, ensuring consistent ingestion across 100+ diverse data sources.
• Develop platform‑agnostic ingestion frameworks and modular patterns supporting multiple protocols and destinations (syslog, HTTP, Event Hubs, Snowflake, ADX, etc.).
• Define multi‑year ingestion and transformation roadmaps, including modernization phases, platform standards, and scalable architectural guardrails.
• Set enterprise governance models for schema evolution, onboarding new data sources, transformation quality, and versioning.
• Drive platform consolidation and rationalization, identifying redundant ingestion patterns and unifying them into enterprise‑wide frameworks.
• Create reference architectures, reusable design patterns, and standardized pipeline blueprints adopted by all engineering teams.
• Provide technical mentorship to senior engineers, guiding architectural thinking and deep‑system design approaches.
• Influence cross‑organizational strategy, aligning ingestion and transformation capabilities with threat‑detection, compliance, SIEM modernization, and data‑analytics roadmaps.
• Evaluate emerging technologies, assessing fit, integration patterns, and long‑term viability for enterprise-scale telemetry processing.
• Lead adoption of OCSF‑based normalization, including field mapping, schema validation, and portable transformation templates.
• Implement advanced data transformation logic (filtering, enrichment, routing, format conversion) using Groovy, Python, or JavaScript while enforcing strict governance and security controls.
• Ensure complete data lineage and traceability across ingestion, transformation, and storage layers, including metadata tagging and audit‑ready tracking.
• Integrate pipeline‑level observability: health monitoring, error handling, transformation failure alerts, and anomaly detection.
• Validate high‑fidelity data delivery to analytics and SIEM platforms, minimizing data loss, duplication, and drift.
• Lead cross‑functional design sessions, technology evaluations, and architecture reviews for large‑scale security telemetry ecosystems.
• Maintain centralized documentation for ingestion patterns, schema definitions, transformations, and governance standards.
• * Experience Required:
• 10+ Years of experience working in Cybersecurity
• 5+ Years of experience on CRIBL
• Cribl Certified Engineer (Architect desired)
• 5+ Years of experience on JavaScript, python, or other scripting language
• 1.
Thanks & Regards
Rushinga Reddy
Yochana Solutions Inc
248-598-7513 (D) || [email protected]
248-876-4228(Fax)
Apply Now
Apply Now
Location : (Remote)
Duration : Contract
Job Description:
• Work Required
• Architect scalable, reusable security‑telemetry pipelines using Cribl, NiFi, Vector, and related platforms, ensuring consistent ingestion across 100+ diverse data sources.
• Develop platform‑agnostic ingestion frameworks and modular patterns supporting multiple protocols and destinations (syslog, HTTP, Event Hubs, Snowflake, ADX, etc.).
• Define multi‑year ingestion and transformation roadmaps, including modernization phases, platform standards, and scalable architectural guardrails.
• Set enterprise governance models for schema evolution, onboarding new data sources, transformation quality, and versioning.
• Drive platform consolidation and rationalization, identifying redundant ingestion patterns and unifying them into enterprise‑wide frameworks.
• Create reference architectures, reusable design patterns, and standardized pipeline blueprints adopted by all engineering teams.
• Provide technical mentorship to senior engineers, guiding architectural thinking and deep‑system design approaches.
• Influence cross‑organizational strategy, aligning ingestion and transformation capabilities with threat‑detection, compliance, SIEM modernization, and data‑analytics roadmaps.
• Evaluate emerging technologies, assessing fit, integration patterns, and long‑term viability for enterprise-scale telemetry processing.
• Lead adoption of OCSF‑based normalization, including field mapping, schema validation, and portable transformation templates.
• Implement advanced data transformation logic (filtering, enrichment, routing, format conversion) using Groovy, Python, or JavaScript while enforcing strict governance and security controls.
• Ensure complete data lineage and traceability across ingestion, transformation, and storage layers, including metadata tagging and audit‑ready tracking.
• Integrate pipeline‑level observability: health monitoring, error handling, transformation failure alerts, and anomaly detection.
• Validate high‑fidelity data delivery to analytics and SIEM platforms, minimizing data loss, duplication, and drift.
• Lead cross‑functional design sessions, technology evaluations, and architecture reviews for large‑scale security telemetry ecosystems.
• Maintain centralized documentation for ingestion patterns, schema definitions, transformations, and governance standards.
• * Experience Required:
• 10+ Years of experience working in Cybersecurity
• 5+ Years of experience on CRIBL
• Cribl Certified Engineer (Architect desired)
• 5+ Years of experience on JavaScript, python, or other scripting language
• 1.
Thanks & Regards
Rushinga Reddy
Yochana Solutions Inc
248-598-7513 (D) || [email protected]
248-876-4228(Fax)
Apply Now
Apply Now