Cribl Engineer / Cloud Engineer

Role Summary:

The Cribl Engineer is responsible for designing, deploying, and operating telemetry data pipelines using Cribl Stream in a cloud-centric environment. This role focuses on enabling reliable, scalable, and cost-efficient log ingestion and routing across SIEM and observability platforms, supporting detection engineering, audit, and operational excellence objectives.

Key Responsibilities:

  • Design, build, and maintain Cribl Stream pipelines (routes, parsing, filtering, transformation).
  • Manage log ingestion and routing to downstream platforms (e.g., Google SecOps, Splunk, or other SIEMs).
  • Optimize pipelines for performance, cost efficiency, and reliability.
  • Troubleshoot and resolve data flow, ingestion, and pipeline issues in production.
  • Implement automation using infrastructure-as-code (Terraform, CloudFormation) and CI/CD pipelines.
  • Operate within AWS and/or multi-cloud environments, supporting scalable telemetry processing.
  • Integrate Cribl with cloud-native services and enterprise systems.
  • Collaborate with Detection Engineers, DREs, and platform teams to ensure data availability aligns with detection and compliance use cases.
  • Monitor pipeline health and ensure adherence to operational SLAs and reliability standards.
  • Apply security and compliance best practices for log handling and transmission.
  • Experience supporting large-scale migrations is highly desired (e.g., SIEM or log pipeline transformations).

Required Qualifications:

  • Hands-on experience with Cribl Stream (pipelines, routes, packs, edge/workers).
  • Experience with log management / observability / telemetry pipelines.
  • Strong knowledge of log formats and parsing (e.g., JSON, syslog, regex).
  • Experience with cloud platforms (AWS preferred; Azure/GCP acceptable).
  • Solid understanding of Linux/Unix environments.
  • Scripting experience (e.g., Python, Bash).
  • Experience troubleshooting data ingestion and pipeline performance issues.

Preferred Qualifications:

  • Experience with SIEM platforms (Google SecOps/Chronicle, Splunk, Elastic).
  • Familiarity with containerization/orchestration (Docker, Kubernetes).
  • Experience with infrastructure-as-code and deployment automation.
  • Exposure to high-volume telemetry environments and cost optimization strategies.
  • Understanding of security telemetry, detection engineering, or SOC workflows.

Key Outcomes / Measures of Success:

  • Reliable and consistent log ingestion with minimal data loss.
  • Improved pipeline performance and reduced ingestion cost.
  • Timely resolution of data flow and onboarding issues.
  • Scalable and maintainable cloud-based telemetry architecture.
  • Alignment of telemetry pipelines to detection, audit, and compliance requirements.

Working Model:

  • Operates as part of a globally distributed engineering team (US, India, LATAM).
  • Participates in onboarding, migration, and optimization initiatives (e.g., Cribl upgrades, cloud migrations).
  • Works within defined operational rhythms, ticketing (ServiceNow/Jira), and engineering standards.

We’re grateful for your interest in joining us. Kindly note that only applicants whose experience and qualifications most closely align with the role will be contacted for the next steps. Thank you for your understanding!

Job Details

Company: UST
Location: United Kingdom