DevSecOps Engineer- Threat Management

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category: Software Engineering

About Salesforce:

We're Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too - driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good - you've come to the right place.

We are seeking skilled and experienced Security Engineers to join our DnR Threat Management Team in a high visibility and impact role for the initial migration, and long term management of our security information and event management (SIEM) infrastructure, data, and detection logic from Nirvana Splunk to Google Chronicle. In this role, you will be responsible for overseeing the log/data migration process, ensuring seamless integration of logs and maintaining the system's performance and security posture, and the daily (ongoing) Development Security Operations of the Google Chronicle Platform (SIEM).

Key Responsibilities:

1. Design and develop parsers for extracting structured data from log messages.
2. Extend existing parsers to support new log formats or data sources.
3. Collaborate with stakeholders to understand parsing requirements and ensure compatibility with existing systems.
4. Test and validate parsers to ensure accuracy and efficiency.
5. Document parser specifications and provide support for integration into the logging pipeline.
6. Identify requirements for integrating new data sources or systems with the logging infrastructure.
7. Develop custom connectors or plugins to ingest log data from diverse sources.
8. Integrate third-party tools or services for enhanced log analysis and correlation.
9. Conduct testing and validation of new integrations to ensure reliability and performance.
10. Provide documentation and support for users utilizing new integrations.
11. Identify opportunities for automation within the logging infrastructure and related processes.
12. Develop scripts and workflows to automate repetitive tasks such as log ingestion, parsing, and analysis.
13. Integrate logging tools and systems with other internal tools and platforms for seamless data exchange.

Qualifications:

1. 3-5 years of experience in information security, with a focus on security engineering and analysis.
2. Hands-on experience with SIEM platforms.
3. Strong understanding of security principles, threat detection techniques, and incident response procedures.
4. Proficiency in scripting languages such as Python.
5. Proficiency in coding Java or equivalent.
6. Excellent communication skills, with the ability to effectively collaborate with cross-functional teams and communicate technical concepts to non-technical stakeholders.
7. Adaptability and willingness to learn new technologies and methodologies in a fast-paced environment.

If you are passionate about enhancing our organization's security posture through effective migration and maintenance of security infrastructure, we encourage you to apply for this exciting opportunity.