Job Description

Salary: 101,400 - 183,300 USD per year Requirements:

• We require candidates to have an active DoD Secret security clearance with the ability to obtain TS/SCI. Additionally, you should possess a DoD 8570 IAT level II or higher certification such as CompTIA Security+ CE, ISC2 SSCP, or SANS GSEC prior to starting. A DoD 8570 CSSP-A level Certification (e.g., CEH, CySA+, GCIA) is needed within 180 days of hire. We expect a demonstrated commitment to training, self-study, and maintaining proficiency in the technical cybersecurity domain. A Bachelor's degree along with 8+ years of prior relevant experience is required, although additional experience or Cyber courses/certifications may substitute for the degree. You should have in-depth knowledge of the architecture, engineering, and operations of Elastic Stack. Strong written and oral communication skills, analytical skills, and the capability to think critically and work independently are essential.

Responsibilities:

• As a Senior Cyber Security Analyst/Elastic Detection Engineer, I will develop SIEM/SOAR capabilities to support our Cyber Security Service Provider (CSSP) services. My primary responsibilities will include monitoring and optimizing the performance of Elastic Stack clusters to ensure high availability, reliability, and performance. I will work with the site threat emulation/analytic development team to maximize detection opportunities referenced to the MITRE ATT&CK framework. Customer visualization support is also part of my role, where I will support customer-driven visualization requirements and collaborate on data integration and Kibana dashboard development. Additionally, I will design, develop, and maintain custom dashboards using Elastic Stack for monitoring and visualization of system metrics, logs, and traces. Comprehensive documentation for Elastic Stack configurations, processes, and procedures will need to be created and maintained.

Technologies:

• Bash
• Support
• Kibana
• Linux
• Network
• PowerShell
• Python
• Security
• TCP/IP
• Unix
• ElasticSearch

More:

We are looking for a candidate who has experience in cyber analysis/incident response, data onboarding, content development, configuration, troubleshooting, reporting, and visualizations. Technical expertise in Elastic Stack, a deep understanding of SIEM architecture, and hands-on experience with data ingestion, tuning, and monitoring in secure environments are crucial. Preferred qualifications include CND experience within a Computer Incident Response organization, advanced certifications in Elastic Stack or SIEM, and a strong knowledge of SIEM systems, data pipelines, and threat detection methodologies. Candidates should understand the life cycle of network threats and have advanced knowledge of TCP/IP, networking ports, and protocols. Experience with Unix/Linux command lines, scripting and programming languages (like PowerShell, bash, or Python), and familiarity with Intelligence Driven Defense and/or Cyber Kill Chain methodologies will be advantageous.

The pay range for this position is anticipated to be between $101,400.00 and $183,300.00. Please note that this is a general guideline and not a guarantee of compensation. Factors such as job responsibilities, education, experience, knowledge, skills, and abilities will also be considered in determining the final offer.

Job Tags

Full time,

Similar Jobs