Cribl Engineer; Expert
Listed on 2026-07-01
-
IT/Tech
Cybersecurity, Systems Engineer, Cloud Computing: Infrastructure & Operations, Data Engineering
Cribl Engineer (Expert)
Location:
Reston, VA
- College Park, MD- JBAB, DC Required Clearance: TS/SCI with Polygraph
Employment Type:
Full-Time Regular Shift: Day Travel:
Limited Relocation Assistance:
Yes
We are Ennoble First. The people supporting and securing some of the most complex government, defense, and intelligence projects across the country. We ensure today is safe and tomorrow is smarter. Our work has meaning and impact on the world around us, but also on us, and that's important. Ennoble First is your place. You make it your own by embracing autonomy, seizing opportunity, and being trusted to deliver your best every day.
We think. We act. We deliver. There is no challenge we can't turn into an opportunity.
Ennoble First is seeking an Expert Cribl Engineer to serve as the principal technical authority for enterprise observability pipelines built on Cribl Stream and Cribl Edge. This role is responsible for architecting, optimizing, and securing large-scale telemetry and logging infrastructures supporting mission-critical environments. The ideal candidate is a senior technologist with deep expertise in observability engineering, SIEM integration, telemetry pipeline architecture, and large-scale data engineering.
You will drive platform strategy, establish engineering standards, mentor technical teams, and serve as the highest-level escalation point for Cribl-related challenges across the enterprise.
- Lead architecture, design, and implementation of Cribl Stream and Cribl Edge deployments across multiple enclaves and data domains.
- Design and maintain high-throughput observability pipelines supporting multi-terabyte-per-day telemetry environments.
- Develop advanced routing, filtering, enrichment, replay, and transformation workflows to support operational and analytic requirements.
- Optimize platform performance through tuning of worker groups, topology design, queue management, transport mechanisms, and resource utilization.
- Engineer secure data flows utilizing encryption, masking, tokenization, RBAC, PKI/TLS, and governance controls.
- Integrate Cribl pipelines with enterprise SIEM, analytics, cloud, and telemetry platforms including Splunk, Elastic, Kafka, and cloud-native services.
- Develop and maintain high availability, disaster recovery, monitoring, and operational resilience strategies.
- Create reusable Cribl Packs, standardized pipeline patterns, engineering documentation, and operational runbooks.
- Serve as the senior technical escalation point for Cribl-related issues and coordinate directly with vendor engineering teams as required.
- Conduct architecture reviews, establish technical standards, and mentor engineers across the organization.
- Partner with security, cloud, analytics, infrastructure, and operations teams to define enterprise logging and telemetry strategies.
- Support continuous improvement initiatives focused on observability maturity, performance optimization, and operational excellence.
- Active TS/SCI clearance with Polygraph.
- Bachelor's degree in Computer Science, Information Systems, Engineering, Cybersecurity, or related field and 10+ years of relevant experience. Additional experience may be considered in lieu of a degree.
- 10+ years of experience supporting logging, observability, SIEM, or telemetry engineering environments.
- 5+ years designing, architecting, and operating enterprise-scale log and telemetry pipelines.
- 3+ years of hands-on experience with Cribl Stream and Cribl Edge in production environments.
- Demonstrated experience operating and scaling telemetry environments supporting 5–10+ TB/day of data ingestion.
- Expert-level knowledge of Splunk architecture, forwarding, ingestion pipelines, source type management, and indexing strategies.
- Strong Linux administration and troubleshooting experience.
- Experience with Python, Bash, Git, and automation tools such as Ansible and Terraform.
- Strong understanding of HTTP, TCP, TLS/mTLS, Kafka, S3, and other data transport and storage technologies.
- Experience designing secure data architectures utilizing encryption, RBAC, secrets management, and compliance controls.
- Demonstrated ability to lead technical teams, mentor engineers, and drive architectural decision-making.
- Cribl Certified Engineer (CCOE) certification or equivalent demonstrated expertise.
- Must possess the following DoD 8570.01-M certifications or be willing to obtain within 30 days of hire:
- Information Assurance Technician (IAT) Level II certification (currently Security+ CE, CCNA Security, GSEC, SSCP, CySA+, GICSP, or CND).
- Information Assurance Technician (IAT) Level III certification requirements (currently CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, or GCIH).
- Cyber Security Service Provider (CSSP) – Infrastructure Support certification requirements (currently CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND).
- Expertise developing and maintaining Cribl Packs and reusable pipeline…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).