SIEM Routing Engineer

Who we are looking for

The State Street Cyber Architecture & Engineering team is looking for a Senior SIEM/Event Routing Engineer . The Cyber Data Science team delivers models, insights, and tooling to help Cybersecurity teams make faster, more informed decisions as we work to secure State Street's digital footprint. As a Senior SIEM / Event Routing Engineer , you will be responsible for designing, implementing, and maintaining solutions that enhance data visibility, transform data, and improve overall data quality in collaboration with data product managers, architects, engineers, and other team members to deliver SIEM & analytics functions that support our mission to build predictive models and intelligent systems that help secure State Street's information and infrastructure.

What you will be responsible for

As a Senior SIEM / Event Routing Engineer , you will:

• Collaborate across a variety of teams to enable our Data Platform and Engineering needs to design, implement, and maintain a secure and scalable infrastructure platform spanning across multiple public clouds and our on-premise Data Center s .
• Use Infrastructure as Code and containerization to create immutable reproducible deployments and establish best practices to scale that Infrastructure as Code ( IaC ) project in a maintainable way.
• Implement and manage Security event routing & SIEM platforms using Cribl and Splunk technologies in a hybrid multi cloud environment using CICD processes by developing CloudFormation and Terraform templates

• Collaborate with cross-functional teams to understand data integration requirements and design solutions using CRIBL Log stream and Splunk
• Configure and customize CRIBL Log stream to efficiently route, fitter & transform data streams from various infrastructure, applications and public cloud services
• Onboard and maintain continuous data feeds of log telemetry data to Cyber data platforms (Splunk, Databricks) for security threat detection and observability functions
• Take ownership of internal and external SLA's to meet and exceed expectations and System centric KPIs are continuously monitored .
• Create tools for automating deployment, monitoring, alerting and operations of the overall platform and establish best practices for CI/CD environments and methodologies such as GitOps

• Design and build petabyte scale systems for high availability, high throughput, data consistency, security, and end user privacy, defining our next generation of data analytics tooling
• Work alongside the global cybersecurity architecture & engineering leadership to develop and deliver capabilities to support Cyber Data Science initiatives both internally and in partnership with detection and response teams, and governance and risk management teams across our CISO organization.
• You will mentor other engineers and promote software engineering best practices across the organization designing systems with monitoring, auditing, reliability, and security at their core.
• Come up with solutions for scaling data systems for various business needs and collaborate in a dynamic and consultative environment.

Education & Qualifications

Minimum Qualifications

• Build self-healing systems with advanced techniques Key Projects:
  Lead workstreams of the modernization of our SIEM and data routing platforms and enable the data migration process to cloud hosted data platforms
• Minimum 3+ years of platform engineering with DevOps experience with minimum bachelor's degree in Computer Science or Engineering .
• 3+ years of SIEM platform engineering and operations experience using Splunk technologies

• 3+ years of experience log onboarding to logging platforms to support SIEM and Observability
• 2+ years of data pipeline platform implementation experience using tools like Cribl , Fluentbit / Fluentd & Vector .dev
• Practical experience with Data Engineering for CIM compliance
• A deep understanding of CI/CD tools and a strong desire to help teams release frequently to production with a focus on creating reliable high-quality results.
• Extensive experience building large scale distributed systems and data analytics processes on cloud native, in-memory, and fit-for-purpose hybrid infrastructure. Experience with cybersecurity data and globally distributed log & event processing systems with data mesh and data federation as the architectural core is highly desirable.

• Expertise in DevOps, DevSecOps and emergent experience with DataSecOps and Data Governance practices - deep experience with managing and scaling container-based infrastructure-as-code technologies from the CNCF and related orbits.
• Expertise with either AWS, GCP, Azure, and Services/Tooling such as or similar to : Terraform, Packer, Docker, Kubernetes, Helm, Prometheus, Grafana, Fluent Bit, Istio (Service Mesh)
• Strong background integrating continuous delivery( CD) with Kubernetes using tools such as Argo, GitLab, Spinnaker and strong Git experience, development methodologies, trunk-based develop vs. git flow, etc.
• Strong end-to-end ownership and a good sense of urgency to enable proper self-prioritization
• Maintain live services by measuring and monitoring availability, latency, and overall system

Preferred Experience

• Splunk certifications (e.g., Splunk Certified Architect or Splunk Certified Consultant).
• 6 + years of experience with Python, Java, or similar languages, with cloud infrastructure ( e.g. AWS, GCP, Azure), and deep experience working with big data processing infrastructures and cloud architecture
• Deep experience with cloud DevOps tooling and expertise in container native systems and associated security and scaling considerations - ability to work with and build tooling that works in a multi/hybrid cloud environment with modern CI/CD, IaC , DataOps , and DevSecOps best practices.
• Mentor and guide teammates with best practices of DevOps

Are you the right candidate? Yes!
We truly believe in the power that comes from the diverse backgrounds and experiences our employees bring with them. Although each vacancy details what we are looking for, we don't necessarily need you to fulfil all of them when applying. If you like change and innovation, seek to see the bigger picture, make data driven decisions and are a good team player, you could be a great fit.
Why this role is important to us
Our technology function, Global Technology Services (GTS), is vital to State Street and is the key enabler for our business to deliver data and insights to our clients. We're driving the company's digital transformation and expanding business capabilities using industry best practices and advanced technologies such as cloud, artificial intelligence and robotics process automation.

We offer a collaborative environment where technology skills and innovation are valued in a global organization. We're looking for top technical talent to join our team and deliver creative technology solutions that help us become an end-to-end, next-generation financial services company.

Join us if you want to grow your technical skills, solve real problems and make your mark on our industry.

About State Street
What we do. State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation, we're making our mark on the financial services industry. For more than two centuries, we've been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients.
Work, Live and Grow. We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary by location, but you may expect generous medical care, insurance and savings plans, among other perks. You'll have access to flexible Work Programs to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential.
Inclusion, Diversity and Social Responsibility. We truly believe our employees' diverse backgrounds, experiences and perspectives are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift programs and access to employee networks that help you stay connected to what matters to you.
State Street is an equal opportunity and affirmative action employer.

Salary Range:
$100,000 - $160,000 Annual
The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.