Google Chronicle SIEM Engineer

This role is for a Google Chronicle SIEM Engineer on a long-term contract, paying $70.00 - $80.00 per hour. Located in San Jose or Palo Alto, CA (hybrid), candidates need expertise in SOC automation, Google Chronicle SIEM, BindPlane, and Cribl.
Country: United States
Currency: $ USD
Day rate: 640
Date: November 25, 2025
Duration: Unknown
Location: Hybrid
Contract: Unknown
Security: Unknown
Location detailed: San Jose, CA
Skills detailed: #Monitoring #Automation #API (Application Programming Interface) #Cloud #Splunk #Observability #Data Lake #Linux #Security #IAM (Identity and Access Management) #Normalization #ETL (Extract, Transform, Load) #Python #Scala #Databases #Deployment #Data Ingestion #Firewalls #S3 (Amazon Simple Storage Service) #Licensing

Role description

Job Overview
Role: Google Chronicle SIEM Engineer
Location: San Jose, CA or Palo Alto, CA, or Multiple Locations (Hybrid)
Duration: Long Term Contract

Job Description: Google Chronicle SIEM Engineer, SOC Automation Specialist & Platform Management

We are seeking a highly skilled Google Chronicle SIEM Engineer with expertise in SOC automation to enhance our detection capabilities and reduce false positives across the security landscape. The ideal candidate will be responsible for designing, developing, and maintaining advanced detection use cases, automation workflows, and integrations to strengthen our overall security posture and improve operational efficiency within the SOC environment.

Tools
- Google Chronicle SIEM
- BindPlane
- Cribl

Key Responsibilities
- Design, implement, and optimize Google Chronicle SIEM for scalable log ingestion, parsing, normalization, and enrichment.
- Create and update correlation rules and use cases.
- Develop and fine-tune detection rules, parsers, and correlation logic to improve threat detection accuracy.
- Integrate diverse log sources including firewalls, endpoint security, cloud services, IAM, network devices, etc.
- Build and maintain custom parsers and dashboards to enhance visibility into security events.
- Collaborate with threat hunting and detection engineering teams to identify and implement new detection logic.
- Design and implement automation workflows (SOAR-based or API-based) to reduce analyst workload and response time.
- Automate alert triage, enrichment, and response actions using scripts, playbooks, or orchestration tools.
- Integrate Google Chronicle with automation platforms (e.g., Cortex XSOAR, Splunk SOAR, Swimlane, or custom Python-based frameworks).

BindPlane
- Deploy, configure, and manage BindPlane agents across servers and cloud workloads.
- Set up data ingestion from multiple sources (Windows, Linux, databases, firewalls, cloud services).
- Normalize data schemas and forward logs to SIEM or observability tools (Chronicle, Elastic, Splunk).
- Configure pipelines for log transformation, labeling, and enrichment.
- Implement monitoring and alerts for agent health, performance, and log ingestion failures.
- Optimize ingestion pipelines to reduce latency and improve reliability.

Cribl
- Design, configure, and manage Cribl Stream pipelines for log, metric, and trace ingestion.
- Build data routing rules to send telemetry to multiple destinations (SIEM, S3, Data Lake).
- Implement data filtering, sampling, and transformation to optimize SIEM licensing.
- Integrate enterprise log sources including servers, firewalls, cloud platforms, and APM tools.
- Manage Cribl workers, leaders, and edge deployments.
- Troubleshoot ingestion delays, failed pipelines, and data parsing issues.
- Work with security teams to enhance log data sources into SIEM through Cribl.

Job Type: Contract
Pay: $70.00 - $80.00 per hour
Work Location: On the road