Security Engineer - Observability Pipeline

About The Position

Requirements

• Python proficiency - Strong programming skills with experience in data processing, APIs, and automation
• AWS Cloud Services - Hands-on experience with Kinesis, Lambda, S3, Athena, CloudWatch, IAM, and other core services
• Data Processing - Experience with JSON, Parquet, Avro, and CSV parsing and manipulation
• Stream Processing - Understanding of real-time data processing concepts and streaming technologies
• Data Modeling - Ability to design efficient schemas for security data storage and analytics
• API Development - Experience building and consuming REST/GraphQL APIs
• Regular Expressions - Proficient in regex for log parsing, pattern matching, and data extraction
• Security Logging & Monitoring - Understanding of security event formats, log sources, and monitoring concepts
• SIEM Experience - Previous work with security information and event management platforms
• CI/CD Knowledge - Familiarity with continuous integration/deployment practices and tools
• Infrastructure as Code - Experience with orchestration tools (Terraform, Ansible, CloudFormation, etc.)
• Detection Engineering - Background in creating security detections, rules, and analytics

Nice To Haves

• Experience with additional AWS services (EventBridge, Step Functions, ECS/EKS, etc.)
• Knowledge of security frameworks (MITRE ATT&CK, NIST, etc.)
• Familiarity with threat intelligence platforms and feeds
• Experience with data visualization tools (PowerBi, Grafana, Kibana, etc.)
• Background in cloud security and compliance requirements
• Previous work with streaming data platforms (Kafka, etc.)
• SQL proficiency for complex data analysis and querying

Responsibilities

• Design, build, and maintain security observability pipelines using AWS Kinesis, Lambda, S3, Athena, and related services
• Develop real-time and batch processing workflows for security event ingestion, enrichment, and analysis
• Implement scalable data processing architectures to handle high-volume security telemetry
• Design efficient data schemas and models optimized for security analytics and storage
• Create and tune security detections, alerts, and automated response mechanisms
• Develop custom parsers and data transformation logic for various security log sources
• Build correlation rules and behavioral analytics to identify threats and anomalies
• Collaborate on incident response and threat hunting initiatives
• Implement Infrastructure as Code (IaC) using tools like Terraform, CloudFormation, or CDK
• Design and maintain CI/CD pipelines for security tooling and detection deployment
• Automate security operations workflows and orchestrate multi-service integrations