Overview

Senior Security Engineer. You will be a key member of the SIEM team, contributing to the engineering and strategic evolution of our global Security Log Management and Vulnerability Scanning services. This is an end-to-end ownership role: from defining the roadmap and architectural strategy to hands-on engineering and operational excellence.

Responsibilities

- Service Ownership & Strategy: Drive the end-to-end lifecycle of our Security Log Management (Splunk & Cribl) and Security Scanning (Tenable) platforms
- Service Reliability: Ensure the high availability and performance of our security services globally, acting as an escalation point for complex technical challenges
- System Interconnectivity: Develop and manage API integrations to ensure seamless data flow between the security scanning (Tenable) and logging (Splunk/Cribl) tiers
- Next-Gen Security Log Architecture: Lead the transition from a traditional "index-all" logging approach to a data-tiering mindset, focusing on cost optimization and performance across data lifecycle phases: routing, filtering, storing and searching
- Infrastructure as Code (IaC): Manage configurations via CI/CD pipelines (GitHub, Ansible, and Python) to ensure a fully automated and version-controlled environment
- AI-Augmented Engineering: Integrate AI Agents and MCP (Model Context Protocol) servers into daily operations, building agentic AI workflows to automate configuration, troubleshooting, and complex interconnectivity
- Mentorship: Mentor colleagues in prompt engineering, agentic AI development, and advanced AI ecosystems
- Technical Leadership: Define implementation plans and drive continuous process improvements
- Stakeholder Engagement: Manage relationships across functional teams and communicate security goals and project delivery

Technical Requirements & Expertise

- Security Service Depth: Deep understanding of the SIEM/Log Management lifecycle (Collection, Indexing, Storage, Retention and Searching) and Vulnerability Management
- Networking Fundamentals: Expertise in networking (TCP/IP, Load Balancing, Firewalls) as it relates to high-volume security data transport
- Coding & API Mastery: Strong experience with Python and REST APIs; ability to interconnect disparate technologies via APIs and custom integrations
- Modern DevOps: Experience with Ansible and GitHub for managing infrastructure
- Advanced AI/Automation: Experience building Agentic AI workflows; familiarity with MCP (Model Context Protocol) or building custom LLM-based tools to automate technical tasks
- Tooling (Preferred): Experience with Cribl, Splunk, or Tenable is a plus, with ability to upscale and automate these via AI

Roche is an Equal Opportunity Employer.