Security Data Analytics Engineer

About the position

We are seeking an advanced Security Data Analytics Engineer to build, optimize, and operate the data layer powering a cryptographic discovery and quantum-vulnerability detection platform. This role demands deep expertise in large-scale data pipeline engineering, custom detection algorithm development, and security analytics at scale. The right candidate combines the rigor of a data engineer with the instincts of a security analyst, and can turn raw cryptographic telemetry into actionable operational intelligence.

Responsibilities

• Design, build, and optimize high-throughput data ingestion pipelines using Apache Kafka for real-time telemetry streaming.
• Develop large-scale transformation and enrichment workflows on Databricks / Apache Spark; ensure pipeline reliability, observability, and performance at enterprise scale.
• Maintain data quality, schema governance, and lineage documentation across all pipeline stages.
• Write and deploy custom detection algorithms targeting non-compliant cryptographic protocols — including outdated TLS versions, weak SSH key configurations, and deprecated cipher suites.
• Develop detection logic for quantum-vulnerable algorithms (e.g., RSA, ECC) across enterprise network traffic and cryptographic inventories.
• Continuously tune detection models based on operational feedback, false positive rates, and evolving threat intelligence.
• Partner directly with DoW threat hunters to translate raw cryptographic discovery data into structured, analyst-ready datasets.
• Build and maintain interactive dashboards (Tableau, Grafana) for executive reporting on cryptographic posture and quantum-vulnerability exposure.
• Develop and document analytic methodologies; produce findings briefs and technical reports for government stakeholders.

Requirements

• Active TS/SCI clearance (no exceptions).
• 5+ years of data engineering or security analytics experience, including production-grade pipeline development.
• Advanced proficiency in SQL and Python — including pandas, PySpark, and data manipulation at scale.
• Hands-on experience with Databricks and/or Apache Spark for large-scale data transformation.
• Working knowledge of Apache Kafka for real-time streaming ingestion.
• Deep familiarity with security log formats, cryptographic protocols (TLS, SSH, PKI), and network telemetry.

Nice-to-haves

• Experience building cryptographic discovery or PKI inventory tooling.
• Familiarity with post-quantum cryptography (PQC) standards (NIST SP 800-208 / FIPS 203/204/205) and quantum-vulnerable algorithm identification.
• Experience developing dashboards in Tableau and/or Grafana for executive-level consumption.
• Background in threat hunting, SIEM engineering, or security operations analytics.
• Databricks Certified Associate Developer for Apache Spark or equivalent certification.

Benefits

• Medical, dental, and vision coverage
• 401(k) retirement plan
• Life insurance
• Generous paid time off
• Short and long-term disability
• Professional development