Cybersecurity Data Engineer

Kochi, Kerala
Permanent
Full-time

1 month ago

Job Category: Cyber SecurityJob Description:We are seeking a Cybersecurity Data Engineer to build and maintain data pipelines, analytics infrastructure, and telemetry normalization processes that enable scalable detection, automation, and threat hunting across the enterprise. This role is critical to the success of our cybersecurity program-fueling AI-enhanced analytics, response automation, and visibility across IT, cloud, and OT environments.You will collaborate across cybersecurity, cloud, and infrastructure teams to ensure high-quality telemetry from systems like Okta, SentinelOne, Zscaler, and more. Your work will help drive smarter security decisions, reduce manual toil, and accelerate incident response. Come and join a great team who are driving tomorrow's security!Responsibilities:

Design, build, and maintain scalable security telemetry pipelines that ingest, normalize, enrich, and route data to SIEMs, data lakes, and analytics platforms
Architect and manage high-performance storage and processing solutions for SIEM, SOAR, and security data lakes
Assemble complex, cross-domain datasets that support threat detection, forensic analysis, posture reporting, and compliance
Develop analytics tools and dashboards using Python, KQL, regex, and API integrations to expose anomalies and generate actionable insights
Build AI/ML-ready data structures that support use cases such as anomaly detection, alert triage scoring, LLM-driven summarization, and enrichment engines
Own end-to-end data flow: ingress, transformation, storage, alerting, and visualization
Apply an automation-first mindset to eliminate manual ETL processes and optimize data pipeline performance
Collaborate with detection engineers and threat hunters to fine-tune telemetry capture, build context-rich alerts, and close data visibility gaps
Create and maintain dashboards and alerts in platforms such as SentinelOne, Cribl, and SaaS-native tools
Maintain detailed technical documentation, including data dictionaries, schema designs, and pipeline runbooks
Other duties as assigned by organization leadership.

Requirements:

Bachelor's or Master's degree in Computer Science, Computer Engineering or Data Engineering, or a related field.
Certification in CompTIA+ or equivalent is preferred.
3 to 5 years of hands-on experience.
Possess strong communication and interpersonal skills.
Self-directed, organized, and able to manage multiple priorities.
Strong ability to work collaboratively with others, to influence based on knowledge and experience.
Experience in data engineering, with a strong focus on security or infrastructure telemetry.
Strong experience with scripting languages (Python, PowerShell, JavaScript) and query languages (SQL, KQL, regex).
Hands-on experience with SIEM and log management tools (e.g., Microsoft Sentinel, Splunk, Elastic, Cribl, syslog-ng, or similar).
Familiarity with data lakehouse/lake/warehouse architectures (e.g., Databricks, Snowflake, AWS Lake Formation, or similar).
Experience working with cloud services and logging pipelines in Azure, AWS, or hybrid environments
Understanding of cybersecurity domains including logging, identity, endpoint, and network telemetry
Strong troubleshooting skills and the ability to debug complex pipeline or data normalization issues
Ability to balance low-level engineering with cross-functional collaboration and prioritization across multiple projects.

Preferred Qualifications

Certifications: Azure Data Engineer, AWS Big Data Specialty, Security+, or relevant cybersecurity/data certs
Familiarity with Amazon Security Lake, Microsoft Purview, Azure Monitor, or custom log routing architectures
Understanding of threat detection use cases and how telemetry enables visibility across MITRE ATT&CK
Knowledge of AI-enhanced analytics tools or ability to work with LLM APIs for summarization, labeling, or enrichment workflows
Windows Server and Linux certifications are a plus.

NOV

Apply Now