This role is for a Specialist in Security Data Pipeline, Data Lakes, SIEM & Data Engineering
About our client:
Our client is a leading SaaS company, working across various industries to deliver leading mobile technology platforms and solutions which are transforming the way people, vehicles, and things move through the world.
About the Role:
We are seeking an experienced Security Data Pipeline, SIEM & Data Engineer Specialist to support our Log Rationalisation and SOC Onboarding projects.
This role requires deep expertise in modern security data architectures, large-scale log ingestion, data transformation, and federated search across SIEM and Data Lake platforms. You will help design, implement, and optimise scalable logging and SOC integration architectures to deliver cost efficiency, operational resilience, and readiness for next-gen SOC operations.
Key Responsibilities:
- Design and implement security data pipelines (e.g., Cribl, Splunk DMX, Kafka-based pipelines).
- Architect and optimise Security Data Lakes (AWS Security Lake, Snowflake, Delta Lake).
- Configure and manage SIEM platforms (Splunk, Microsoft Sentinel, or equivalent).
- Develop log rationalisation, enrichment, suppression, and parsing strategies.
- Build and manage data ingestion frameworks, schema management, and ETL/ELT pipelines.
- Enable federated search and cross-platform analytics across SIEMs and data lakes.
- Support SOC onboarding by integrating SIEM pipelines with SOAR, TI, and case management systems.
- Conduct readiness validation and performance benchmarking of logging and SOC onboarding architectures.
- Provide knowledge transfer, documentation, and operational playbooks.
The ideal candidate:
- 5+ years' experience in security operations engineering, SIEM, or data platforms.
- Data engineering expertise in log ingestion, schema transformation, and distributed systems.
- Strong expertise with at least one security data pipeline (Cribl Stream, Splunk DMX, Fluentd, Logstash).
- Hands-on experience with data lakes (AWS Security Lake, Snowflake, Microsoft Fabric, or Delta Lake).
- Proficiency in SIEM platforms (Splunk Cloud/Enterprise Security, Microsoft Sentinel).
- Strong scripting and automation skills (Python, SQL, PowerShell).
- Familiarity with cloud environments (AWS, Azure, GCP).
- Strong experience with SOC onboarding workflows and integrations (ticketing, SOAR, TI).
- Excellent communication and documentation skills.
- 12-month contract
- Lyneham, ACT
How to Apply:
Please upload your resume to apply. We will be in touch with further instructions for suitably skilled candidates. Please note that you will be required to complete selection criteria to complete your application for this role.
Call George Wright on 0480 011 549 or email georgew@whizdom.com.au for any further information.
Candidates will need to be willing to undergo pre-employment screening checks, which may include ID and work rights, security clearance verification, and any other client-requested checks.


