Senior Cybersecurity Engineer /Information Security/ Elastic SIEM Lead

I would like to introduce myself as Syed Abrar, an Account Manager of recruitments with Marvica Technologies LLC in Cumming, Georgia. We found your resume online and might have an opportunity matching your skills. If you are interested, kindly review the job description below and let me know if you are available. Call me as soon as possible.

JobTitle: Senior Cybersecurity Engineer /Information Security/ Elastic SIEM Lead

Location: REMOTE

Duration: Long Time

Job Description :-

Experience

• 10 12 years of overall experience in Cybersecurity / Information Security
• 5 6 years of hands-on experience with Elastic Stack (ELK / Elastic Security)
• Monitoring and Investigation experience is required

Job Summary

We are seeking a highly experienced Cybersecurity professional with deep expertise in Elastic SIEM and security analytics. The role involves designing, implementing, and managing Elastic-based security monitoring solutions, leading threat detection initiatives, and supporting incident response and SOC operations across enterprise environments.

Key Responsibilities

Elastic SIEM & Security Operations

• Design, deploy, and manage Elastic Stack (Elasticsearch, Logstash, Kibana, Beats / Elastic Agent)
• Implement and maintain Elastic Security (SIEM & EDR) solutions
• Develop, tune, and optimize detection rules, alerts, and dashboards
• Map detections to MITRE ATT&CK framework
• Perform log onboarding for security devices, servers, endpoints, and cloud platforms

Threat Detection & Incident Response

• Monitor and analyze security events to identify threats, anomalies, and intrusions
• Lead incident investigations, root cause analysis, and forensic activities
• Support SOC teams with advanced threat hunting using Elastic
• Reduce false positives and improve detection accuracy

Log Management & Data Engineering

• Build and optimize log ingestion pipelines using Logstash and Ingest Pipelines
• Normalize and enrich security data from multiple sources
• Ensure scalability, performance tuning, and index lifecycle management (ILM)

Cloud & Endpoint Security

• Integrate Elastic with AWS / Azure / Google Cloud Platform security logs
• Monitor Kubernetes, containers, and cloud-native workloads
• Implement and manage Elastic Endpoint Security (EDR)

Leadership & Collaboration

• Act as technical lead for Elastic SIEM initiatives
• Mentor junior analysts and engineers
• Work closely with SOC, IR, DevOps, and compliance teams
• Support audits, risk assessments, and compliance requirements

Required Skills & Qualifications

Technical Skills

• Strong expertise in Elastic Stack (ELK) and Elastic Security
• Experience with SIEM, SOC operations, and threat hunting
• Proficiency in Linux, networking, TCP/IP, DNS, HTTP
• Scripting skills (Python, Bash, or similar)
• Experience with REST APIs and JSON
• Strong understanding of attack vectors, malware, and adversary tactics

Security Knowledge

• Incident response & digital forensics
• Threat intelligence and use case development
• MITRE ATT&CK, kill chain, IOC management
• Knowledge of compliance frameworks (ISO 27001, SOC 2, PCI-DSS preferred)

Preferred / Nice to Have

• Elastic Certified Engineer / Analyst
• Experience with Splunk, QRadar, or other SIEMs
• Cloud security certifications (AWS/Azure/Google Cloud Platform)
• CISSP, GCIA, GCIH, or similar certifications

Soft Skills

• Strong analytical and problem-solving skills
• Ability to work in high-pressure incident situations
• Excellent communication and documentation skills
• Leadership and mentoring mindset

Please send the updated resume to or reach me at . Referrals are welcome!

Thanks & Regards,

Syed Abrar

Account Manager || Marvica Technologies LLC

Phone : +1

Email :

Website : https://

Follow us on Marvica page :