Observability Engineer

Jobot

San Francisco | Full-time | Mid Level | On-site

Job Description

Software Security Firm looking for Observability Engineer

This Jobot Consulting Job is hosted by: John Erwin

Are you a fit? Easy Apply now by clicking the "Apply" button and sending us your resume.

Salary: $50 - $80 per hour

A bit about us:

We are a software consulting firm working with enterprise and start-up companies that are AI-driven, and we are developing some of the most cutting-edge software/security solution platforms in the world.

Why join us?

Competitive Compensation

Work on incredible projects that are fun and challenging

Full Benefits (Medical, Vision, Dental)

401k

Long term Contract to Hire opportunity

Job Details

We are seeking a mid-level Security Observability Engineer who will own the design, implementation, and maintenance of the security telemetry pipelines that customer detection, response, and reporting functions depend on.

Working closely with customer platform and security engineering peers, you will onboard log sources, engineer data pipelines, stand up SIEM and security data platforms, and build the dashboards and reporting surfaces that make posture and coverage visible. This position is based in our SF office on a hybrid schedule; candidates outside the Bay Area who are willing to travel regularly are also encouraged to apply.

RESPONSIBILITIES

Design, deploy, and maintain log source integrations across identity (Okta, Azure AD), cloud (AWS, GCP, Azure), endpoint (CrowdStrike, SentinelOne), SaaS (Google Workspace, GitHub, Salesforce), and network layers.

Perform telemetry gap analyses against customer environments and detection requirements to identify coverage blind spots.

Normalize, parse, and enrich security telemetry so downstream detection, hunting, and analytics workflows receive reliable data.

Deploy and configure SIEM and security data platforms (Panther, Microsoft Sentinel, Splunk) and the data stores behind them (Snowflake or other cloud data platforms).

Apply infrastructure-as-code practices (Terraform, CloudFormation, Pulumi) to SIEM configuration, connector management, and data pipeline lifecycle.

Build dashboards, metrics, and reporting surfaces that give customers clear visibility into security posture, telemetry coverage, and operational health.

Manage retention, tiering, and cost for security data in cloud-native architectures.

Write and maintain documentation, runbooks, and architecture decision records (ADRs) for pipelines, integrations, and platform configurations.

QUALIFICATIONS

3 to 5 years of experience in security observability, detection engineering, security data engineering, or a related technical role.

Hands-on experience onboarding log sources and building telemetry pipelines into at least one major SIEM or security data platform.

Working proficiency in one or more query languages: SQL, KQL, SPL, CQL, PantherFlow, or SnowSQL.

Familiarity with log sources and security telemetry across endpoint, identity, cloud, SaaS, and network layers.

Proficiency in Python or similar scripting language for automation, tooling, and integration work.

Solid understanding of modern cloud architectures (containers, Kubernetes, serverless, microservices, APIs) and how telemetry flows through them.

Excellent communication skills with the ability to translate pipeline architecture and coverage status into actionable recommendations for customer platform and security teams.

Must be located in the SF Bay Area or willing to travel to our San Francisco office on a regular cadence.

NICE TO HAVE

Relevant certifications such as CCSK, CCSP, AWS Security Specialty, or GCDA.

Experience with Snowflake or other cloud data platforms in a security analytics context.

Hands-on experience with CSPM/CNAPP platforms (Wiz, Orca, Prisma Cloud, Lacework).

Background in data engineering, platform engineering, or SRE prior to security.

Interested in hearing more? Easy Apply now by clicking the "Apply" button.

Posted Yesterday
