Cyber Security Engineer (Cyber Log, SIEM) | Contract | Up to $5K

  •  Job reference: 157359
  •  Industry: Banking and Finance
Sorry, but this job is no longer available.

Key Responsibilities

  • Develop and enhance detection logic for identity-based threats across SIEM, UEBA, and XDR platforms using MITRE ATT&CK and ATT&CK for Identity.
  • Review and onboard custom application logs into SIEM and data lakes, ensuring proper parsing, normalization, and enrichment.
  • Build and manage log ingestion pipelines using Cribl for data transformation, routing, and monitoring use cases.
  • Collaborate with IAM, SOC, Threat Intelligence, and application teams to improve detection quality and behavioral analytics.
  • Perform log source onboarding, validation, and troubleshooting for transmission or formatting issues.
  • Maintain documentation, data dictionaries, parsing logic, and support AAA monitoring for systems like Active Directory, PAM, and SSO.
  • Support incident triage related to log collection issues and enhance log visibility, threat hunting workflows, and automation.

Requirements:

  • Diploma or Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or a related field.
  • 1–2 years of hands-on experience in cyber log management, SIEM operations, or security data engineering.
  • Proficiency in SIEM tasks such as log parsing, DSM configuration, rule tuning, and AQL queries.
  • Experience with Cribl Stream or similar log pipeline tools.
  • Familiarity with data lake architectures and security data integration.
  • Good understanding of IAM monitoring and AAA logs.
  • Experience with log standardization and formats (CEF, JSON, Syslog).
  • Knowledge of Linux, network protocols, and syslog.
  • Experience with custom log sources, schema mapping, and correlation rules.
  • Relevant certifications such as IBM QRadar Specialist, Splunk Core Power User, CompTIA Security+, or GIAC GCIA.