Sr. Manager - NGSIEM, Security Content Development and Operations (Remote) - Military veterans preferred

2024-06-22
CrowdStrike, Inc.
Other



Topeka
Vermont
98033
United States

Full time

R19121

About the Role:
NGSIEM (next-generation security information and event management) aims to revolutionize the SIEM space by providing a single solution for managing and operating on security data. A foundational pillar of the NGSIEM strategy is the content, schema and community (security analysts, content creators, partners and customers) that leverage our platform to power security use cases. We are looking for a senior leader to build out and manage this ecosystem. This role will require close collaboration with security analysts, content creators (detection rules), product management, engineering and partners.
This role has a strong preference for candidates in the US, but is also open to candidates located in India.

The Team:
The NGSIEM team is responsible for building out our SIEM product, which includes data ingestion, data parsing and normalization, data storage and retrieval, and incidents and detection management. The team is distributed across India, Europe, the US, and Australia. This is a cross-functional team of engineers, product managers, program managers, content experts and technical operations who are chartered with the mission of building the most compelling SIEM solution in the security industry.

What You’ll Do:

  • Schema definition, maintenance and governance - Defining and creating a schema that allows us to build a normalized data repository from first and third party data.

  • Parser development and lifecycle management - Development and maintenance using a low-code/no-code platform experience, primarily focused on data normalization, filtering and enrichment.

  • Building and maintaining third party integrations (for data ingestion and SOAR actions) by leveraging capabilities in CrowdStrike's platform.

  • Maintenance of a lab environment required for maintenance of a third party integration ecosystem.

  • Create and maintain test data bundles for third party integrations.


What You’ll Need:

  • 10+ years of relevant experience

  • Experience in building and maintaining large taxonomies and schemas.

  • Experience with data transformation and normalization.

  • Prior experience with building third party integrations and running integration labs for cybersecurity.

  • Leading and growing teams in a cross-functional and geographically distributed environment


Bonus Points:

  • Familiarity with ECS (Elastic Common Schema) or any cybersecurity schema systems is a plus

  • Experience working in cybersecurity or intelligence fields

  • Experience with security content development and management.



We are committed to fostering a culture of belonging where everyone feels seen, heard, valued for who they are and empowered to succeed. Our approach to cultivating a diverse, equitable, and inclusive culture is rooted in listening, learning and collective action. By embracing the diversity of our people, we achieve our best work and fuel innovation - generating the best possible outcomes for our customers and the communities they serve.


CrowdStrike is committed to maintaining an environment of Equal Opportunity and Affirmative Action. If you need reasonable accommodation to access the information provided on this website, please contact Recruiting@crowdstrike.com for further assistance.

CrowdStrike participates in the E-Verify program.