Job Summary:
We are seeking a highly skilled and proactive KNIME Analyst to join our Security Analytics and Risk Management team.
In this role, you will be responsible for developing and optimizing KNIME workflows that power our security monitoring, threat intelligence, compliance reporting, and risk assessment processes.
Responsibilities:
- Design, develop, and maintain KNIME workflows that support security data ingestion, transformation, enrichment, and analysis.
- Automate complex data processing tasks for use cases such as:
  - SIEM data parsing and normalization
  - Vulnerability and threat intelligence integration
  - Security incident trend analysis
  - Regulatory compliance reporting (e.g., ISO 27001, NIST, GDPR, HIPAA)
- Integrate KNIME with security tools, log management platforms (e.g., Splunk, Elastic), databases, and external APIs to aggregate and correlate multi-source security data.
- Build robust validation, error-handling, and alerting mechanisms within workflows to ensure data integrity and reliability in security-critical environments.
- Work with structured, semi-structured, and unstructured data sources to extract security insights and support automated reporting and dashboards.
- Support audits and compliance efforts by building KNIME workflows that track controls, user activity, data access, and risk scoring.
- Partner with cybersecurity analysts and SOC teams to enable real-time and batch processing pipelines that align with operational needs.
- Create modular, reusable KNIME components for security reporting and risk scoring.
- Maintain workflow documentation, version control (Git), and CI/CD processes for deploying workflows into production.
Requirements:
- Bachelor's or Master's degree in Computer Science
- 4–7 years of overall experience in data security analytics with at least 3 years of focused experience with KNIME.
- Strong understanding of security operations, cyber threat intelligence, compliance frameworks, and data privacy regulations.
- Hands-on experience integrating KNIME with SIEM platforms, security data lakes, and third-party APIs (e.g., VirusTotal, Shodan, AlienVault OTX).
- Proficient in SQL and working with data from sources like Oracle, PostgreSQL, MS SQL Server, and NoSQL systems.
- Familiarity with security log formats such as syslog, NetFlow, PCAP, JSON, and XML.
- Strong scripting knowledge in Python, Shell, or Java, especially in the context of KNIME extension and API interaction.
- Demonstrated ability to manage workflow performance, scalability, and exception handling.
- Comfortable working in highly regulated environments and handling sensitive security data with utmost confidentiality.
- KNIME Server experience (scheduling, remote execution, permissions)
- Experience with cloud-native security and log pipelines (e.g., AWS Security Hub, Azure Sentinel, GCP SCC)
- Familiarity with risk scoring frameworks like CVSS, MITRE ATT&CK, and FAIR.