About Cognizant Corporate

Cognizant Corporate is a global community united by a shared purpose: to make a meaningful impact. We are committed to excellence and driven by outcomes that matter. Collaboration is at the heart of how we work, and our forward-thinking mindset fuels continuous learning, innovation, and growth.

At Cognizant, careers transcend titles. We empower our people to think strategically, inspire others, and lead with purpose – always guided by our core values. Join us in shaping future of business.

About the role

As a Log Onboarding Engineer, you will drive impactful contributions and focus on outcomes. You will be a key member of the Cybersecurity team, collaborating with Dinesh Padmanabhan. As a member of Corporate Security’s (CS) Global Cyber Operations (GCO) team, Log Onboarding Engineer is responsible for the integration, routing, transformation, and optimization of log data using Cribl Stream and Cribl Edge platforms. The engineer builds and maintains pipelines, implements data shaping logic, ensures metadata normalization, and supports compliance-driven retention or masking policies. Successful candidates must be inquisitive, detail-oriented, and have strong problem-solving skills to quickly address anomalies. Ideally the candidates for this role thrive in diverse and fast-paced environments. As a team of self-starters, you can work with impact with our vibrant people and culture all while enjoying unmatched learning opportunities.

In this role, you will:

- Design and implement Cribl pipelines for routing, filtering, enriching, and transforming logs from diverse log sources.

- Onboard new log sources from infrastructure, cloud, applications, and security tooling (e.g., firewalls, proxies, EDR, cloud APIs).

- Create source-specific configurations and route logs to designated destinations like Splunk, Elastic, S3, Kafka, or data lakes.

- Develop parsing, metadata tagging, masking, and enrichment logic to normalize log events across formats and vendors.

- Manage Cribl Worker Groups, Edge Nodes, and Stream routes for scalable ingestion performance.

- Implement logic to drop noisy events, reduce duplication, and optimize license usage in downstream SIEM platforms.

- Troubleshoot ingestion issues, pipeline errors, source latency, and message drops with Cribl diagnostics.

- Coordinate onboarding activities with detection engineers, platform engineers, and asset owners.

- Build dashboards or logging metrics to monitor onboarding status, coverage completeness, and success/failure rates.

- Maintain up-to-date documentation of data flows, onboarding configurations, and source dictionaries.

- Support audits, compliance requests, and secure handling policies by applying redaction, masking, or suppression logic where needed.

- Participate in continuous improvement of log taxonomy standards, source naming conventions, and schema registries

- Embrace our vibrant culture by striving for excellence, focusing on meaningful outcomes, and collaborating effectively. Take ownership, build relationships, and focus on personal growth to drive business strategy and foster an inclusive culture, creating unmatched career opportunities and impactful work.

What you must have to be considered

· Bachelor’s degree in Information Security, Computer Science, or a related technical field.

· 3+ years of experience in log management, SIEM onboarding, or data pipeline development.

• A strong sense of ownership, desire to create meaningful outcomes, and passion for work that serves a greater good for customers, communities, or global challenges.
• The embodiment of Cognizant’s Values of: Work as One, Dare to Innovate, Raise the Bar, Do The right Thing, & Own It

These will help you succeed

· Hands-on experience with Cribl Stream and Cribl Edge platform operations and configuration.

· Strong understanding of log formats (JSON, syslog, CEF, LEEF, XML), parsing, and normalization.

· Familiarity with data forwarding into platforms like Splunk, Elastic, S3, Kafka, and cloud-native tools (e.g., AWS CloudWatch, Azure Monitor).

· Experience with scripting or data manipulation (e.g., JavaScript, Regex, YAML, Python).

· Preferred certifications: Cribl Certified Observability Engineer, Splunk Admin, Elastic Certified Engineer.

Work model – Expected to be in cognizant office on all business days

The working arrangements for this role are accurate as of the date of posting. This may change based on the project you’re engaged in, as well as business and client requirements. Rest assured; we will always be clear about role expectations.

We're excited to meet people who share our mission and can make an impact in a variety of ways. Don't hesitate to apply, even if you only meet the minimum requirements listed. Think about your transferable experiences and unique skills that make you stand out as someone who can bring new and exciting things to this role.

The Cognizant community:
We are a high caliber team who appreciate and support one another. Our people uphold an energetic, collaborative and inclusive workplace where everyone can thrive.

• Cognizant is a global community with more than 300,000 associates around the world.
• We don’t just dream of a better way – we make it happen.
• We take care of our people, clients, company, communities and climate by doing what’s right.
• We foster an innovative environment where you can build the career path that’s right for you.

About us:
Cognizant is one of the world's leading professional services companies, transforming clients' business, operating, and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build, and run more innovative and efficient businesses. Headquartered in the U.S., Cognizant (a member of the NASDAQ-100 and one of Forbes World’s Best Employers 2025) is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at www.cognizant.com

Cognizant is an equal opportunity employer. Your application and candidacy will not be considered based on race, color, sex, religion, creed, sexual orientation, gender identity, national origin, disability, genetic information, pregnancy, veteran status or any other characteristic protected by federal, state or local laws.

Disclaimer: 
Compensation information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.

Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government issued ID during each interview.