Job Description
The main objective of the CSOC Engineering team is to design, develop, implement, and manage dataflow pipelines and integrate them with SIEM platforms such as Sentinel and Splunk. The data onboarded to SIEM is crucial for CSOC Analysts and for the content development and SOAR Engineers to develop monitoring alerts and automation playbooks. Collaboration with internal and external stakeholders, including Novartis' internal teams, external vendors, and Product/Platform engineers, will be a crucial aspect of this role. The CSOC Engineer will work closely with application owners to understand and integrate various datasources, utilizing services such as Cribl, Syslog NG, Azure Monitoring Agent, Universal Forwarder, and others. The CSOC Engineering Lead will partner closely with stakeholders across TDR, THR, Forensic, Content Development, and SOAR teams. Their expertise and collaboration will be instrumental in quickly resolving data onboarding requests and any issues with...