Cribl Engineer (Expert)

Cribl Engineer (Expert)

Location: Reston, VA- College Park, MD- JBAB, DC

Required Clearance: TS/SCI with Polygraph

Employment Type: Full-Time Regular

Shift: Day

Travel: Limited

Relocation Assistance: Yes

Company Overview

We are Ennoble First. The people supporting and securing some of the most complex government, defense, and intelligence projects across the country. We ensure today is safe and tomorrow is smarter. Our work has meaning and impact on the world around us, but also on us, and that's important. Ennoble First is your place. You make it your own by embracing autonomy, seizing opportunity, and being trusted to deliver your best every day. We think. We act. We deliver. There is no challenge we can't turn into an opportunity.

Position Overview

Ennoble First is seeking an Expert Cribl Engineer to serve as the principal technical authority for enterprise observability pipelines built on Cribl Stream and Cribl Edge. This role is responsible for architecting, optimizing, and securing large-scale telemetry and logging infrastructures supporting mission-critical environments.

The ideal candidate is a senior technologist with deep expertise in observability engineering, SIEM integration, telemetry pipeline architecture, and large-scale data engineering. You will drive platform strategy, establish engineering standards, mentor technical teams, and serve as the highest-level escalation point for Cribl-related challenges across the enterprise.

Primary Responsibilities

• Lead architecture, design, and implementation of Cribl Stream and Cribl Edge deployments across multiple enclaves and data domains.
• Design and maintain high-throughput observability pipelines supporting multi-terabyte-per-day telemetry environments.
• Develop advanced routing, filtering, enrichment, replay, and transformation workflows to support operational and analytic requirements.
• Optimize platform performance through tuning of worker groups, topology design, queue management, transport mechanisms, and resource utilization.
• Engineer secure data flows utilizing encryption, masking, tokenization, RBAC, PKI/TLS, and governance controls.
• Integrate Cribl pipelines with enterprise SIEM, analytics, cloud, and telemetry platforms including Splunk, Elastic, Kafka, and cloud-native services.
• Develop and maintain high availability, disaster recovery, monitoring, and operational resilience strategies.
• Create reusable Cribl Packs, standardized pipeline patterns, engineering documentation, and operational runbooks.
• Serve as the senior technical escalation point for Cribl-related issues and coordinate directly with vendor engineering teams as required.
• Conduct architecture reviews, establish technical standards, and mentor engineers across the organization.
• Partner with security, cloud, analytics, infrastructure, and operations teams to define enterprise logging and telemetry strategies.
• Support continuous improvement initiatives focused on observability maturity, performance optimization, and operational excellence.

Required Qualifications

• Active TS/SCI clearance with Polygraph.
• Bachelor's degree in Computer Science, Information Systems, Engineering, Cybersecurity, or related field and 10+ years of relevant experience. Additional experience may be considered in lieu of a degree.
• 10+ years of experience supporting logging, observability, SIEM, or telemetry engineering environments.
• 5+ years designing, architecting, and operating enterprise-scale log and telemetry pipelines.
• 3+ years of hands-on experience with Cribl Stream and Cribl Edge in production environments.
• Demonstrated experience operating and scaling telemetry environments supporting 5-10+ TB/day of data ingestion.
• Expert-level knowledge of Splunk architecture, forwarding, ingestion pipelines, source type management, and indexing strategies.
• Strong Linux administration and troubleshooting experience.
• Experience with Python, Bash, Git, and automation tools such as Ansible and Terraform.
• Strong understanding of HTTP, TCP, TLS/mTLS, Kafka, S3, and other data transport and storage technologies.
• Experience designing secure data architectures utilizing encryption, RBAC, secrets management, and compliance controls.
• Demonstrated ability to lead technical teams, mentor engineers, and drive architectural decision-making.
• Cribl Certified Engineer (CCOE) certification or equivalent demonstrated expertise.
• Must possess the following DoD 8570.01-M certifications or be willing to obtain within 30 days of hire:
  • Information Assurance Technician (IAT) Level II certification (currently Security+ CE, CCNA Security, GSEC, SSCP, CySA+, GICSP, or CND).
  • Information Assurance Technician (IAT) Level III certification requirements (currently CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, or GCIH).
  • Cyber Security Service Provider (CSSP) - Infrastructure Support certification requirements (currently CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, or CND).

Preferred Qualifications

• Expertise developing and maintaining Cribl Packs and reusable pipeline frameworks.
• Experience supporting AWS, Azure, hybrid cloud, or multi-cloud telemetry architectures.
• Experience supporting cross-domain solutions and secure data movement architectures.
• Familiarity with NIST, CIS, and other cybersecurity control frameworks.
• Experience building observability frameworks for large-scale distributed systems.
• Experience working directly with Cribl Professional Services, product teams, or vendor escalation channels.
• Experience supporting Intelligence Community, DoD, or National Security mission environments.

Pay Range

$160,000-$200,000

The Ennoble First pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Equal Employment Opportunity

Ennoble First is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to any characteristic protected by law.

E-Verify Participation

Ennoble First participates in E-Verify. Learn more at www.dhs.gov/E-Verify .

E-Verify is a registered trademark of the U.S. Department of Homeland Security.

Ennoble First is committed to providing a diverse and inclusive work environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

Ennoble First participates in E-Verify.

The information below will be listed on our website's careers landing page.

EEO is the Law | Pay Transparency Nondiscrimination

www.dhs.gov/E-Verify

E-Verify is a registered trademark of the U.S. Department of Homeland Security. This business uses E-Verify in its hiring practices to achieve a lawful workforce.