Job Title: Cybersecurity Specialist - Cyber Data Services Location: St. Paul, MN (Onsite) Duration: 6 months (possibility of extension)
Role Overview We are seeking a Cyber Specialist to enable and support internal product teams leveraging the client’s Cyber Data Lake. This is an internal customer-facing senior role that blends cybersecurity expertise, data-platform enablement, and hands-on onboarding execution. In this role, you will act as a trusted advisor to internal product, information technology, engineering, and security stakeholders, helping them successfully onboard, access, and operationalize cyber data for security analytics, detection, compliance, operational monitoring, and product security use cases. You will work across enterprise, cloud, IoT, and regulated environments, ensuring cyber data is usable, governed, and aligned to business and security objectives. This role focuses on cyber data readiness, adoption, and use, and partners closely with detection engineering, event detection, and incident response teams by enabling high-quality, accessible, and well-governed data. Operational detection and response activities remain owned by their respective teams.
Key Responsibilities Cyber Data Lake Onboarding & Enablement
Serve as the primary point of contact for internal customers onboarding cyber data into the Cyber Data Lake
Guide teams on platform capabilities, supported use cases, locales, data residency requirements, connectors, and onboarding prerequisites
Maintain an inventory of available and in-use connectors for the Cyber Data Lake
Support technical implementation for batch and streaming ingestion
Partner with platform and data engineering teams to validate pipelines, schemas, and data quality
Ensure structured, reusable, and well-governed cyber data onboarded for analytics, detection, and assurance
Internal Customer Support & Data Consumption
Provide ongoing enablement and support to product, engineering, detection engineering, and security teams
Assist with queries, reports, analytics, and dashboards using cyber data
Help internal customers interpret cyber events and telemetry for monitoring, detection tuning, and assurance
Act as a contact point for onboarding, access, or data-usage issues
Help teams mature from raw log ingestion to repeatable, value-driven analytics
Support for Detection Engineering & Incident Response Teams
Enable detection engineering teams with high-quality, consistently structured data suitable for detection development and tuning
Provide guidance on logging coverage, schemas, and data availability
Ensure required telemetry is accessible and retained to support investigation and analysis needs
Serve as a liaison between platform, detection, and response teams to address data gaps
Partner with incident response teams without performing IR operational activities
Advise on cybersecurity data requirements for regulated environments, including applications and platforms supporting medical devices
Support product security and IoT / connected product telemetry
Maintain and support RBAC and least-privilege access in the cyber data lake
Partner with legal, privacy, and compliance teams on regulatory alignment
Governance, Standards & Continuous Improvement
Develop and maintain onboarding and reporting standards, best practices, and documentation
Apply project or program coordination practices across onboarding efforts
Identify and address onboarding anti-patterns such as low-value ingestion or schema drift
Continuously monitor cyber data feeds for ingestion health, latency, and data quality issues
Proactively flag intake anomalies that may impact analytics, detection, or compliance use cases
Contribute to onboarding metrics, usage insights, and improvement initiatives
Represent cyber data platform perspectives in architecture and governance forums
Required Qualifications
4+ years of experience in security analytics or security data platforms
Experience in a technical, internal customer-facing role
Strong understanding of cybersecurity logging, events, and telemetry
Familiarity with Security Information and Event Management (SIEM) and data pipeline technologies and processes
Hands-on experience with security data lakes, SIEMs, or large-scale telemetry platforms
Experience with analytics, reporting, or dashboarding on security data
Understanding of RBAC in shared data environments
Experience working within global, regulated environments and supporting compliance requirements
Knowledge of product security including IoT or connected products
Strong written and verbal communication skills
Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or equivalent experience
Preferred Qualifications
Experience with modern data-lake or lakehouse platforms (e.g., Databricks, Snowflake, BigQuery)
Experience onboarding cyber or security data at scale
Experience supporting reporting and dashboarding from data-lake platforms
Program or project management experience
Experience working in global or multi-regional environments
Experience with the cyber regulatory landscape for medical devices
Relevant certifications such as CISSP, CCSP, cloud security certifications (AWS, Azure, or GCP), or equivalent security and data platform credentials.
Applicant Notices & Disclaimers
For information on benefits, equal opportunity employment, and location-specific applicant notices, click here
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 47.00/hr.
