Gravwell

Customer SIEM Engineer

full-time

Location Type: Remote

Location: United States

Salary

💰 $120,000 - $210,000 per year

About the role

  • Lead the Onboarding Journey: Take full technical ownership of the customer relationship immediately following the sale, moving them from initial setup to a fully operational production environment.
  • Architect Data Pipelines: Design and implement complex data ingestion strategies using Gravwell Ingesters, focusing on efficient normalization and parsing.
  • Detection Engineering: Collaborate with customer security teams to build, test, and deploy advanced queries and alerting logic to identify threats and system anomalies.
  • Systems Engineering: Provide expert-level guidance on Linux system tuning, storage optimization, and resource management to ensure Gravwell clusters perform at peak efficiency.
  • Mission Support: Act as the primary technical point of contact for complex troubleshooting, helping customers navigate deep-tier technical hurdles in their environments.
  • Develop Technical Tooling: Write custom shell scripts, utilities, and automation workflows to streamline deployment and data manipulation tasks.
  • Feedback Loop: Act as a conduit between the customer and our core Engineering team, translating real-world usage challenges into prioritized product features.

Requirements

  • 3–5+ years in a highly technical role such as Security Engineer, SIEM Administrator, or Site Reliability Engineer (SRE).
  • Linux Power User: You should be comfortable living in the terminal. Deep knowledge of Linux internals, file systems, and performance tuning is a must.
  • Scripting & Automation: Proficiency in shell scripting, Python, or PowerShell for system management and tasks.
  • Detection Mindset: Strong understanding of security frameworks (MITRE ATT&CK) and the ability to translate TTPs into functional search queries and alerts.
  • Log Mastery: Experience with regex, JSON manipulation, and structured/unstructured data normalization.
  • SIEM Expertise: Hands-on experience managing or deploying enterprise-grade platforms (e.g., Splunk, Elastic, QRadar, or specialized syslog-ng/fluentd architectures).
  • Project Leadership: Ability to manage an onboarding timeline and guide multiple stakeholders through a technical mission.

Benefits

  • Work where your impact is direct, visible, and appreciated.
  • Full autonomy and trust to solve problems that we may not have known we had.
  • Flexible remote work setup with a strong support culture.
  • Access to mission-critical projects and real-world security data.
  • Help build a better analytics experience.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

data ingestion, Linux system tuning, storage optimization, resource management, shell scripting, Python, PowerShell, regex, JSON manipulation, data normalization

Soft Skills

project leadership, customer relationship management, technical troubleshooting, collaboration, communication