Key Responsibilities
Security Observability Architecture
- Design and maintain a modern security observability stack leveraging Elastic (ELK/Elastic Cloud), OpenTelemetry, and AWS services (CloudTrail, CloudWatch, GuardDuty, Security Hub).
- Develop and optimize log ingestion pipelines using Filebeat, Logstash, Kinesis, Lambda, or Elastic Agent.
- Define and maintain data schemas, parsing logic, enrichment, and correlation rules.
Log & Telemetry Engineering
- Build scalable log collection architectures across AWS workloads, microservices, containers, and endpoints.
- Implement automated log normalization, tagging, and metadata strategies for better analytics and searchability.
- Ensure availability, data retention, and performance of the observability platform.
Threat Detection & Analytics
- Create detection rules, dashboards, and visualizations in Elastic SIEM/Kibana.
- Integrate AWS findings (GuardDuty, Macie, Inspector) into central observability dashboards.
- Implement behavioral analytics, anomaly detection, and early warning mechanisms.
Automation & DevSecOps Integration
- Automate observability deployments using Terraform, CloudFormation, or CI/CD pipelines.
- Develop scripts and automations in Python, Go, or Bash for data processing and alerting workflows.
- Support SOAR integrations for automated response actions.
Security Monitoring & Incident Support
- Support threat hunting, incident response, and forensic investigations with high-quality telemetry.
- Ensure alerts are actionable, tuned, and aligned with business risk.
- Participate in on-call rotation for critical security events.
Governance & Best Practices
- Define logging and telemetry standards for AWS environments and engineering teams.
- Ensure compliance with security frameworks (ISO 27001, SOC 2, NIST, CIS Benchmarks).
- Stay updated on emerging cloud security threats and tooling enhancements.
Your Future at Kyndryl
Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won't find anywhere else, including hands-on experience, learning opportunities, and certification programs. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here.
Who you are
You're good at what you do and possess the required experience to prove it. Equally important, you have a growth mindset and are keen to drive your own personal and professional development. You are customer-focused: someone who prioritizes customer success in their work. And finally, you're open and borderless, naturally inclusive in how you work with others.
Required Skills & Qualifications
- Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
- 3-7+ years of hands-on experience in security engineering, cloud security, or observability.
- Strong experience with:
  - Elastic Stack (Elasticsearch, Logstash, Kibana, Beats, Elastic Agents)