E4T SAC

Elastic Engineer

full-time
Location Type: Remote

Location: United States

About the role

  • You are passionate about Cybersecurity and have experience building and deploying distributed ELK (Elasticsearch, Logstash, and Kibana) stacks.
  • You will help develop, enhance, design, deploy, and maintain our cyber programs, data analytics, threat hunting, and machine learning modules.
  • Be the primary subject matter expert for log ingestion/analysis.
  • Develop ELK stacks as infrastructure as code.
  • Implement Logstash configuration files, set up data pipelines for various log types such as Syslog.
  • Design, access, and maintain data stores, feeds, and associated tools based on ELK to fully integrate environments with multiple data sources including third-party applications.
  • Develop automation scripts to identify anomalies and visualize them in Kibana.
  • Identify, design, and implement improvements such as automating manual processes, optimizing delivery of data, and re-designing infrastructure as required.
  • Assist in the development of network intrusion analytics as part of a larger team.
  • Configure and maintain Linux-based OS in support of ELK stack.
  • Document the installation and configuration for production deployments.

Requirements

  • Certified Elastic Engineer
  • Ability to configure, maintain, and troubleshoot multiple Elastic environments, both on-premises and in Elastic Cloud.
  • Experience with Elastic Stack architecture, design, and deployment.
  • Deep understanding of Elasticsearch internals, including indexing, search, and data aggregation.
  • Skills in managing enterprise-level Elasticsearch clusters, handling cluster health, performance tuning, scaling, and ensuring high availability.
  • Proficiency in Elasticsearch Query DSL for complex queries, aggregations, and data analytics.
  • Proficiency in programming languages such as Java, Python, or Ruby.
  • Knowledge of scripting languages for automation is also beneficial.
  • Proven track record working in cybersecurity, understanding common attack vectors, threat landscapes, and defensive technologies.
  • Proficiency in implementing security measures within Elasticsearch, such as role-based access control, encryption, index security, and audit logging.
  • Skills in managing and analyzing logs and security events from various sources (firewalls, IDS/IPS systems, network devices, operating systems) using the ELK stack.
  • Advanced ability to craft complex queries, alerts, and visualizations tailored for cybersecurity needs, such as detecting anomalies and potential threats.
  • Proficiency in data parsing using GROK/DISSECT, ingestion, and ETL workflows.
  • Expertise in developing complex Elasticsearch Watchers.
  • Experience in Elastic Security, Detection Rules, Machine Learning and AI Assistant.
  • Proficiency in developing Elasticsearch solutions to specific security needs, such as custom dashboards and reports for ongoing monitoring.

Benefits

  • N/A