TC-CS-CDR-Cribl-Staff

At EY, we’re all in to shape your future with confidence.

We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go.

Join EY and help to build a better working world.

Job Title: Cribl Staff Engineer

Experience: 2-3 Years

Job Summary: We are looking for a Cribl Staff Engineer with 2-3 years of experience specializing in Cribl LogStream and its integration with SIEM platforms. The ideal candidate will design, implement, and maintain Cribl pipelines to optimize log and event data ingestion, transformation, and routing to enhance SIEM capabilities for security monitoring and incident response.

Key Responsibilities:

• Design, develop, and maintain Cribl LogStream pipelines to efficiently route, filter, and enrich security event data for SIEM platforms.
• Implement data transformation and parsing rules to normalize and optimize logs for SIEM ingestion.
• Collaborate with security operations, incident response, and infrastructure teams to understand SIEM data requirements and integrate Cribl solutions accordingly.
• Monitor and troubleshoot Cribl pipelines to ensure reliable and performant data delivery to SIEM systems.
• Assist in the deployment, configuration, and scaling of Cribl infrastructure components.
• Develop and maintain documentation for Cribl configurations, pipelines, and best practices related to SIEM integration.
• Participate in incident investigations and root cause analysis involving data pipeline issues.
• Stay current with Cribl product updates and SIEM industry trends to continuously improve data processing workflows.
  
  

Qualifications:

• 2-3 years of hands-on experience with Cribl LogStream focused on SIEM data integration.
• Strong understanding of SIEM platforms (e.g., Splunk, QRadar, ArcSight) and security event data processing.
• Experience with log formats such as JSON, Syslog, CEF, LEEF, and other security event standards.
• Proficiency in scripting languages (e.g., Python, JavaScript) for custom data manipulation within Cribl.
• Knowledge of security operations, incident response processes, and log management best practices.
• Strong analytical and problem-solving skills with the ability to work collaboratively.
• Excellent communication skills for effective interaction with technical teams and stakeholders.
  
  

Preferred Skills:

• Experience with cloud environments (AWS, Azure, GCP) and containerized deployments.
• Familiarity with network security protocols and threat intelligence feeds.
• Certifications related to Cribl, SIEM, or cybersecurity are advantageous.
  
  

EY | Building a better working world

EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.

Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.

EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

---