HUD - SIEM / Data Engineer

About The Position

Requirements

• Bachelor’s degree in Computer Science, Data Engineering, Cybersecurity, or related field.
• 5+ years of experience in SIEM engineering, data engineering, or security analytics.
• Hands-on experience with SIEM platforms (e.g., Splunk, Elastic, QRadar).
• Strong experience building data pipelines using tools such as Python, SQL, or ETL frameworks.

Responsibilities

• Design, develop, and maintain SIEM data pipelines for ingestion, parsing, normalization, and enrichment of security logs.
• Implement and optimize log aggregation and data collection from on-premise, cloud (AWS GovCloud), and SaaS environments.
• Configure and maintain SIEM platforms (e.g., Splunk) including data onboarding, indexing strategies, and performance tuning.
• Develop and maintain correlation rules, dashboards, alerts, and detection use cases to support SOC operations.
• Ensure data quality, integrity, and availability across security telemetry sources.
• Integrate multiple data sources including network logs, endpoint data, cloud logs, application logs, and threat intelligence feeds.
• Support real-time and batch data processing to enable threat detection, incident response, and analytics.
• Collaborate with SOC analysts, threat intelligence, and incident response teams to improve detection capabilities.
• Automate data ingestion, transformation, and enrichment processes using scripting and data engineering tools.
• Perform data mapping and normalization aligned with common schemas (e.g., CIM, ECS).
• Optimize SIEM storage, retention, and query performance for large-scale data environments.
• Support integration with SOAR platforms for automated response and orchestration.
• Conduct troubleshooting and root cause analysis of data pipeline issues and ingestion failures.
• Maintain documentation for data architecture, pipelines, and configurations.
• Support compliance reporting, audit requirements, and data governance aligned with federal standards.