
Integration Engineer

Worldwide, Remote

As an Integration Engineer, you will play a crucial role in ensuring that NXLog products operate well with third-party solutions and that they can collect log data from, and send it to, a wide variety of solutions and products. This includes conducting research on SIEM integration, writing configuration files for the NXLog agent, writing integration guides, and creating dashboards, reports, and mostly detection rules on the SIEM side.

Your daily tasks and responsibilities:

  • Writing configuration files, mostly connecting input sources with target SIEMs, and doing log normalization inside the NXLog ecosystem (using our NXLog modules).

  • Providing material about various product integrations, mostly by creating exact use cases showing how certain customers would use NXLog with a SIEM. Create as much value as possible, so that customers are motivated to buy.

  • Explore SIEM vendors' features and benefits.

  • Stay in touch with the Technical Support, Presales, Marketing, and QA teams on any product integration-specific topics that can be useful intel for the product.

  • Work with product managers and developers, suggesting enhancements to the products to improve user experience.

  • Be passionate about closing the gap that arises from the constant development of NXLog and third-party vendor technology, ensuring the interoperability of our products.

  • Research and integrate NXLog products with third-party solutions and new technologies that emerge. Create professional business documentation and present it for internal use.

  • Maintain up-to-date knowledge of our products and their capabilities.

  • Write scripts using Perl, Python, Bash, or even Rust.

  • Follow up on new hardware and software products and technologies.

Requirements:

  • Experience with at least one of the following log management tools and SIEM products: QRadar, Google Chronicle, Microsoft Sentinel, ArcSight, Splunk, Securonix, Snare, syslogd, Logstash, Kafka, ELK, Graylog, etc.

  • Understanding the business aspects of SIEM solutions: why customers are paying for them, and how the business end of a SIEM works.

  • Good knowledge of protocols, including networking (e.g. TCP, UDP) and application layer (e.g. DNS, DHCP) protocols

  • Experience with RDBMS and NoSQL solutions

  • Familiarity with cloud platforms (AWS, Azure, GCP)

  • VM and container technologies (VMware, KVM, LXC, Docker)

  • Operating systems knowledge (Linux, Windows, macOS)

  • Proficiency in scripting languages such as Python, shell, Perl, and PowerShell

  • Passionate about working with Linux systems while also feeling at home on Windows or on Mac

  • Excellent debugging, troubleshooting, and problem-solving skills with relevant tooling knowledge

  • BS degree in Information Technology, Computer Science, or relevant field

  • Experience in technical leadership and people management.

  • Professional experience: 4+ years

  • Nice to have: Professional experience working with SIEM vendors: 1+ years

Most importantly, you should be a quick learner, eager to jump in and understand new technologies.