Specialist II - Information Security

ID: 59871 7 - 9 Years 1 Opening Hyderabad

Role description

Cribl Engineer - Role Summary

The Cribl Engineer is responsible for designing, deploying, and operating telemetry data pipelines using Cribl Stream in a cloud-centric environment. This role focuses on enabling reliable, scalable, and cost-efficient log ingestion and routing across SIEM and observability platforms, supporting detection engineering, audit, and operational excellence objectives.

Key Responsibilities

• Design, build, and maintain Cribl Stream pipelines (routes, parsing, filtering, transformation).
• Manage log ingestion and routing to downstream platforms (e.g., Google SecOps, Splunk, or other SIEMs).
• Optimize pipelines for performance, cost efficiency, and reliability.
• Troubleshoot and resolve data flow, ingestion, and pipeline issues in production.
• Implement automation using infrastructure-as-code (Terraform, CloudFormation) and CI/CD pipelines.
• Operate within AWS and/or multi-cloud environments, supporting scalable telemetry processing.
• Integrate Cribl with cloud-native services and enterprise systems.
• Collaborate with Detection Engineers, DREs, and platform teams to ensure data availability aligns with detection and compliance use cases.
• Monitor pipeline health and ensure adherence to operational SLAs and reliability standards.
• Apply security and compliance best practices for log handling and transmission.
• Experience supporting large-scale migrations highly desired (e.g., SIEM or log pipeline transformations)

Required Qualifications

• Hands-on experience with Cribl Stream (pipelines, routes, packs, edge/workers).
• Experience with log management / observability / telemetry pipelines.
• Strong knowledge of log formats and parsing (e.g., JSON, syslog, regex).
• Experience with cloud platforms (AWS preferred; Azure/GCP acceptable).
• Solid understanding of Linux/Unix environments.
• Scripting experience (e.g., Python, Bash).
• Experience troubleshooting data ingestion and pipeline performance issues.

Preferred Qualifications

• Experience with SIEM platforms (Google SecOps/Chronicle, Splunk, Elastic).
• Familiarity with containerization/orchestration (Docker, Kubernetes).
• Experience with infrastructure-as-code and deployment automation.
• Exposure to high-volume telemetry environments and cost optimization strategies.
• Understanding of security telemetry, detection engineering, or SOC workflows.

Key Outcomes / Measures of Success

• Reliable and consistent log ingestion with minimal data loss.
• Improved pipeline performance and reduced ingestion cost.
• Timely resolution of data flow and onboarding issues.
• Scalable and maintainable cloud-based telemetry architecture.

Alignment of telemetry pipelines to detection, audit, and compliance requirements.

Skills

siem,python,linux,aws security,

About UST

UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact—touching billions of lives in the process.