Elastic SIEM Cyber Engineer

Elastic, Elastic stack, ELK, SIEM, ECE, Elastic Cloud Enterprise, ELK SIEM, Elastic Clusters, Ansible, Python, Linux, Data Nodes, Databases, Data analysis, Data retention, Elasticsearch, Engineering, Integration, Kibana, Open source, Security clearance
Full Time
$145,000 - $160,000
Travel not required

Job Description

ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking an Elastic SIEM Cyber Engineer who has experience managing an Elastic Cloud Enterprise (ECE) and Elasticsearch platform in the federal market. You will be focused on the day-to-day operations and improvement of the ECE cluster that serves as the SIEM. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.


Roles and Responsibilities


  • Develop, integrate, architect and capacity-plan the Elastic SIEM solution in mission-critical environments
  • Deploy additional Elastic clusters using infrastructure as code (Ansible playbooks)
  • Maintain, secure, and upgrade ECE deployments
  • Integrate log and sensor data into the ELK stack
  • Perform data modeling, query development and optimization, and cluster tuning and scaling, with a focus on fast search and analytics at scale
  • Streamline cybersecurity tactics, techniques and procedures
  • Create dashboards and reports in Kibana
  • Apply data analytics and machine learning algorithms to cyber operations
  • Provide adoption awareness and training for the ELK SIEM
  • Operate a multi-tenant platform and work with tenants to understand their requirements
  • Provide subject matter expertise to assist the rest of the team in their roles


Required Skills


  • 4+ years of IT experience with a focus in Linux system administration, databases, containers or cyber operations
  • 3+ years of hands-on experience sizing, monitoring, and managing open-source data tools, including Kafka, Logstash, Beats, Elasticsearch and Kibana, as well as Splunk
  • Knowledge of planning and executing data retention and lifecycle management plans
  • Hands-on experience administering Elasticsearch clusters (10+ data nodes)
  • Knowledge of the information retrieval and/or analytics domain
  • Experience with load balancing, DNS, TLS certificate generation and SAML integration
  • Experience working with data solutions in the public sector
  • Excel at working directly with customers to gather, prioritize, plan and execute solutions to customer business requirements as they relate to our technologies
  • Familiar with SOC operations, open-source security frameworks, and Linux


Location

  • Alexandria, VA


Security Clearance

  • Must have an active Secret Clearance
Dice Id : 91085370
Position Id : 6967894
Originally Posted : 1 year ago
