Cybersecurity Engineer (Elastic)

Company: NTT DATA
Location: Sibiu, Romania
Posted: May 15, 2024

Description:

Who we are

We are seeking a skilled Elastic SIEM (Security Information and Event Management) Engineer to join our dynamic team. You will be responsible for designing, implementing, and maintaining enterprise-grade Elastic SIEM solutions. This role requires strong technical expertise in Elasticsearch, Logstash, Kibana, and other related technologies, along with excellent problem-solving skills and the ability to collaborate effectively with cross-functional teams.

What you'll be doing

Design, deploy, configure, and maintain Elastic SIEM solutions to monitor and analyze security events and logs across the organization's infrastructure

Develop custom dashboards, visualizations, and alerts in Kibana to provide real-time insights into security threats and vulnerabilities

Collaborate with security analysts, threat hunters, and incident responders to enhance detection capabilities and response times

Perform log ingestion, normalization, and enrichment using Logstash or other data processing tools

Conduct regular audits and reviews of Elastic SIEM configurations to ensure optimal performance and adherence to security best practices

Troubleshoot and resolve issues related to Elastic SIEM components, including Elasticsearch clusters, index management, and data ingestion pipelines

Stay current with industry trends, emerging threats, and new features in Elastic SIEM technology, and recommend improvements or updates to existing systems

Provide technical guidance and training to junior members of the security team on Elastic SIEM usage, configuration, and troubleshooting

What you'll bring along

Bachelor’s degree in computer science, information security, or a related field; or equivalent work experience

Proven experience working with Elastic SIEM, Elasticsearch, Logstash, and Kibana in large-scale enterprise environments

Strong understanding of security operations concepts, including threat detection, incident response, and log analysis

Proficiency in one scripting language such as Python, Shell, or PowerShell for automation and customization tasks

Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams

Security certifications such as Elastic Certified Engineer (ECE) are a plus

Preferred Qualifications:

Experience with other SIEM solutions, especially Exabeam

Knowledge of network security technologies, including firewalls, intrusion detection/prevention systems, and endpoint security solutions

Experience with cloud security monitoring platforms (e.g., Azure Monitor, Google Cloud Security Command Center)

Familiarity with DevOps practices and tools for continuous integration and deployment (CI/CD)
