LINKEDIN MUST HAVE PHOTO AND LOCATION LISTED
Role Responsibilities
Cribl Platform Engineering & Administration
Design, deploy, administer, and scale Cribl Stream, Edge, and Search across multi-cloud, on-premises, and hybrid environments.
Own Cribl architecture, performance tuning, upgrades, and high-availability configurations.
Build and maintain pipelines for filtering, routing, masking, enrichment, and transformation of telemetry data.
Optimize telemetry pipelines to reduce ingestion costs while preserving security, compliance, and investigative value.
Develop and enforce standards for telemetry onboarding, pipeline design, and operational best practices.
AI-Driven Observability & Automation
Integrate AI/ML capabilities into observability and security workflows, including:
Intelligent data enrichment and normalization
Anomaly detection and signal amplification
Automated routing, suppression, or prioritization of telemetry
Partner with data science, AI platform, or security teams to operationalize AI-driven insights within Cribl pipelines.
Leverage AI-assisted tooling to improve troubleshooting, detection fidelity, and operational efficiency.
Security & Compliance Enablement
Implement data protection controls including PII masking, tokenization, filtering, and policy-based routing.
Support security monitoring and incident response by ensuring high-quality, reliable telemetry delivery to downstream SIEM, SOAR, and analytics platforms.
Ensure Cribl configurations align with enterprise security, privacy, and compliance requirements (e.g., PCI, HIPAA, SOX, NIST).
Collaboration & Technical Leadership
Act as a Subject Matter Expert (SME) for Cribl and telemetry pipeline architecture.
Collaborate with application, infrastructure, and security teams to onboard new data sources.
Mentor engineers and provide guidance on observability and telemetry best practices.
Contribute to runbooks, architectural documentation, and operational playbooks.
Operational Support
Participate in on-call rotations supporting critical observability and security infrastructure.
Troubleshoot complex data pipeline, performance, and reliability issues across distributed systems.
Support incident response, post-incident reviews, and continuous improvement efforts.
Qualifications
Basic Qualifications
5+ years of experience in observability, telemetry engineering, data engineering, or security engineering roles.
3+ years of hands-on experience with Cribl Stream and/or Cribl Edge in production environments.
Strong experience with log management, SIEM, and observability platforms (e.g., Splunk, Elastic, Datadog, OpenSearch, Sentinel).
Proficiency with Linux, networking fundamentals, and distributed systems.
Experience with public cloud platforms (AWS, Azure, and/or GCP).
Strong scripting or programming experience in Python, JavaScript, Go, or similar languages.
Experience with Infrastructure-as-Code and configuration management tools (e.g., Terraform, Ansible).
Preferred Qualifications
Experience implementing AI/ML-driven observability or security use cases.
Familiarity with OpenTelemetry and modern telemetry standards.
Experience with containerized and serverless environments (Docker, Kubernetes).
Knowledge of data streaming and messaging platforms (Kafka, Kinesis, Pub/Sub).
Understanding of enterprise compliance frameworks (PCI, HIPAA, SOX, NIST).
Experience supporting large-scale, multi-region, 24/7 production environments.
Strong ability to translate complex technical concepts for non-technical stakeholders.