About the job
About Our Team and Role:
The Information Security team at Rubrik is dedicated to enhancing the security posture across the organization through impactful initiatives and the management of extensive security projects. We develop innovative technologies, tools, and processes that empower teams to build secure software while safeguarding data and systems with effective security measures. Our team also monitors and responds to threats, provides educational resources on security best practices, and manages secure data sharing with third parties to protect Rubrik's critical information.
We are looking for a Senior Security Engineer to bridge traditional Security Operations with modern Data Engineering. In this pivotal role, you will oversee the daily operations of our SIEM ecosystem and contribute to the transition towards a Security Data Lake architecture. This is a hands-on, high-stakes position that utilizes programming, cloud technologies, and AI to protect our global multi-cloud environment.
Your Responsibilities:
- SIEM Administration: Manage daily operations of leading SIEM platforms (e.g., Splunk, Sentinel, Chronicle). This includes log ingestion from diverse sources such as network devices, third-party APIs, cloud services, and webhooks, along with schema normalization, health checks, user access management, and cost monitoring.
- Security Data Lake Operationalization: Build and maintain the infrastructure/platform for transferring security telemetry from raw sources into Snowflake, BigQuery, or Databricks. Optimize ingestion at scale for cost efficiency and empower the SOC and Threat Detection teams to utilize the Security Data Lake for search and analytics tasks.
- AI & Automation: Integrate AI tools and LLMs into daily operations; develop AI agents to automate Tier 1/2 SecOps functions such as incident investigation and response.
- Cross-Team Collaboration: Collaborate with global teams across time zones and manage stakeholder communications.
