Security Engineer - Log Gen Developer (redwood City)

Company Description  Anomali, a world-renowned platform leader in Security Operations, supercharges SecOps by fusing Lightspeed Security Analytics, Industry-Leading Cyberthreat Intelligence (CTI), AI-based automated threat hunting, alert orchestration, automated threat detection and incident response (TDIR) blocking, community intelligence sharing, exposure management, and dark web protection. Transforming CISOs into superheroes and analysts into SOC terminators.   Anomali's Platform offers: “Match” Next-Gen SIEM, “Lens” AI Threat Hunter, “ThreatStream” TIP, Anomali Integrator, Anomali ISAC, Anomali Attack Surface Management, and Anomali Digital Risk Protection, infused with Anomali AI.    Anomali bridges the gap between point solutions (EDR, NDR, SSE, RMM, CAASM, etc.) and replaces legacy SIEMs at 50% the cost, giving analysts easy-to-use tools that enable lightspeed detection & response. Anomali addresses the global shortage in cyber talent by empowering analysts to contain, eradicate, and block threats in seconds without complex SIEM queries, manual blocks, or long investigations.    Anomali delivers as a proprietary platform and disruptor to the security analytics world. Anomali can search billions of logs in seconds, correlating tens of millions of IoCs and IoAs across years of telemetry and logs often deleted or moved to cold storage.  At every point across the cyber kill chain, Anomali supercharges the SOC to detect, contain, and eradicate threats before organizational impact. 

Job Description Responsibilities:  Design and implement solutions that generate logs from Microsoft Azure services and other cloud and on-prem systems. Onboard new data sources. Analyze logs, identify, recommend, and improve current logging solutions.

Qualifications Required Skills/Experience: 

• A minimum of 1+ years of SIEM experience, and 1+ years of experience with SOAR, EDR tools, or log generation. • A minimum of 2+ years of experience in cybersecurity analysis, engineering or development. •  Experience with creating and maintaining API integrations with various tools. •  Experience with Windows, Linux, and MacOS operating systems. •  Experience with cloud services (GCP, AWS, Azure) and the logs they generate. •  Experience with log forwarding/collecting technologies (syslog, Elastic Beats, WEF/WEC, etc.) •  Experience with regular expressions. •  Skilled with Python, or a similar language.

Microsoft Azure Proficiency: •  Familiarity with implementing and managing Azure services, including but not limited to Virtual Machines (VMs), Storage Accounts, Network Security, Azure Functions, Azure Active Directory, Microsoft Defender for Cloud, Event Grid, Service Bus, and various database services.

Cybersecurity and Compliance: •  Understanding of security logging and monitoring requirements, including knowledge of common cybersecurity frameworks and compliance standards relevant to log management (e.g., NIST, SOC 2, GDPR). •  Experience in identifying and logging security events, incident response, and threat hunting.

Problem-solving Abilities: •  Capability to troubleshoot issues related to log generation, collection, and analysis, providing effective solutions promptly.

Desired Skills/Experience : • Microsoft Certified: Azure Administrator Associate, Splunk Certified Developer or Splunk Certified Architect • Certifications in cybersecurity (e.g., CISSP, CISM) • Prior experience with log analysis, identifying actionable insights to improve logging solutions, is a plus. • Prior work in a fast-paced, startup environment