Senior Data Engineer – Cybersecurity

Job Title: Senior Data Engineer – Cybersecurity (SIEM Modernization)Duration: 12 MonthsExperience: 14+ Years Work Location: Bellevue, WA (HQ) or Overland Park, KS – Onsite 4 days/week Overview We are hiring eight Senior Data Engineers to support our SIEM Modernization initiative, focusing on secure and scalable data ingestion pipelines for cybersecurity workloads. The ideal candidate will have extensive experience in architecting and implementing complex data flows, particularly across 100+ security telemetry sources from legacy and non-standard systems. Key Responsibilities Architect, design, and implement scalable, modular, and reusable data ingestion pipelines using Cribl, Apache NiFi, Vector, and other open-source tools. Develop platform-agnostic ingestion frameworks and template-driven architectures to support diverse input types (Syslog, Kafka, HTTP, Event Hubs, Blob Storage) and output destinations (Snowflake, Splunk, ADX, Log Analytics, Anvilogic). Create and drive adoption of a schema normalization strategy using Open Cybersecurity Schema Framework (OCSF), including field mapping, transformation templates, and schema validation. Implement custom data transformations and enrichments (filtering, routing, format conversions such as JSON ↔ CSV/XML/Logfmt) using Groovy, Python, or JavaScript while ensuring strong security controls (SSL/TLS, client authentication, input validation). Ensure end-to-end data traceability and lineage, including metadata tagging, correlation IDs, and change tracking for audit and forensic readiness. Integrate health monitoring, anomaly detection, and error logging for pipeline reliability in collaboration with observability teams. Validate and oversee high-fidelity data integration into downstream analytics platforms, minimizing data loss, duplication, or transformation drift. Lead technical sessions to evaluate and recommend technologies for managing structured/unstructured security telemetry data at scale. Maintain centralized documentation repositories, including ingestion patterns, transformation libraries, naming standards, and governance procedures. Partner with cybersecurity, analytics, and platform teams to ensure pipelines meet threat detection, compliance, and data analytics requirements. Required Skills & Experience 14+ years of experience as a Data Engineer with a focus on large-scale data pipelines. Hands-on expertise with Cribl, Apache NiFi, Vector, and similar data ingestion platforms. Strong proficiency in Python, Groovy, or JavaScript for data transformation and enrichment. Deep understanding of OCSF or other schema normalization frameworks. Proven experience with cybersecurity data ingestion, particularly from Mobility clients (T-Mobile, Verizon, AT&T, etc.) preferred. Expertise in data governance, lineage, and security controls (SSL/TLS, authentication, logging). Strong collaboration skills with security, observability, and platform teams. Important Notes: No candidates from Osmania University. For JNTU candidates, DOB should be 1992 or later. Local candidates strongly preferred (Bellevue/Overland Park). Non-local candidates acceptable if willing to relocate (no last-minute surprises). Job Type: Contract Pay: $50.00 - $55.00 per hour Expected hours: 40 per week Experience: Senior Data Engineer: 10 years (Required) Cybersecurity: 10 years (Required) SIEM: 10 years (Required) SIEM Modernization initiative: 10 years (Required) State client: 10 years (Required) Data Engineer: 10 years (Required) Cribl: 10 years (Required) Apache NiFi: 10 years (Required) Vector: 10 years (Required) Data ingestion: 10 years (Required) Python: 10 years (Required) Groovy: 10 years (Required) JavaScript: 10 years (Required) OCSF: 10 years (Required) Mobility Client: 10 years (Required) Work Location: In person