We are looking for a highly experienced SIEM / Syslog Expert with deep hands-on expertise in syslog-ng, log ingestion pipelines, and large-scale event processing. The role requires strong understanding of syslog internals, filtering strategies, performance tuning, and reliability engineering to build efficient, scalable, and foolproof log ingestion systems.

Requirements

  • Design, implement, and optimize syslog-ng configurations for high-volume log ingestion environments.
  • Develop and maintain complex filtering logic to ensure accurate routing, normalization, and noise reduction of logs.
  • Analyze and improve log pipeline performance (CPU, memory, latency, throughput).
  • Build efficient, scalable, and fault-tolerant syslog architectures.
  • Troubleshoot issues related to: high CPU/memory usage, message drops / backpressure, ordering and duplication issues, network/TCP/TLS ingestion problems.
  • Optimize buffering, batching, and flow control mechanisms in syslog-ng.
  • Work closely with SIEM platforms (e.g., Securonix, Splunk, ELK) to ensure seamless ingestion.
  • Ensure log integrity, reliability, and completeness across the pipeline.
  • Implement best practices for: log parsing (RFC 3164, RFC 5424), structured vs. unstructured logs, secure syslog (TLS).
  • Perform capacity planning and load testing for syslog pipelines.
  • Create test frameworks to validate syslog filters and configurations.
  • Document standards, guidelines, and reusable configurations.

Benefits

  • Competitive salary
  • Benefits package
  • Opportunities for growth and professional development