Gravwell
Ingest everything, compromise nothing. Data analytics at scale with predictive pricing.
Customer SIEM Engineer
Location
United States
Posted
11 hours ago
Salary
$120K - $210K / year
3 yrs exp | English | Linux | Python | Shell Scripting | Splunk
Job Description
• Lead the Onboarding Journey: Take full technical ownership of the customer relationship immediately following the sale, moving them from initial setup to a fully operational production environment.
• Architect Data Pipelines: Design and implement complex data ingestion strategies using Gravwell Ingesters, focusing on efficient normalization and parsing.
• Detection Engineering: Collaborate with customer security teams to build, test, and deploy advanced queries and alerting logic to identify threats and system anomalies.
• Systems Engineering: Provide expert-level guidance on Linux system tuning, storage optimization, and resource management to ensure Gravwell clusters perform at peak efficiency.
• Mission Support: Act as the primary technical point of contact for complex troubleshooting, helping customers navigate deep-tier technical hurdles in their environments.
• Develop Technical Tooling: Write custom shell scripts, utilities, and automation workflows to streamline deployment and data manipulation tasks.
• Feedback Loop: Act as a conduit between the customer and our core Engineering team, translating real-world usage challenges into prioritized product features.
Job Requirements
- 3–5+ years in a highly technical role such as Security Engineer, SIEM Administrator, or Site Reliability Engineer (SRE).
- Linux Power User: You should be comfortable living in the terminal. Deep knowledge of Linux internals, file systems, and performance tuning is a must.
- Scripting & Automation: Proficiency in shell scripting, Python, or PowerShell for system management and automation tasks.
- Detection Mindset: Strong understanding of security frameworks (MITRE ATT&CK) and the ability to translate TTPs into functional search queries and alerts.
- Log Mastery: Experience with regex, JSON manipulation, and structured/unstructured data normalization.
- SIEM Expertise: Hands-on experience managing or deploying enterprise-grade platforms (e.g., Splunk, Elastic, QRadar, or specialized syslog-ng/fluentd architectures).
- Project Leadership: Ability to manage an onboarding timeline and guide multiple stakeholders through a technical mission.
Benefits
- Work where your impact is direct, visible, and appreciated.
- Full autonomy and trust to solve problems that we may not have known we had.
- Flexible remote work setup with a strong support culture.
- Access to mission-critical projects and real-world security data.
- Help build a better analytics experience.