Senior Cyber Security Analyst / Elastic Detection Engineer
1677 DISA-Pacific Ford Island HI
Full Time Senior-level / Expert Clearance required USD 101K - 183K
Leidos has a current job opportunity for a Senior Cyber Security Analyst/Elastic Detection Engineer specializing in data integration, model development, and system architecture. Areas of focus would be working with Elastic Stack (Elasticsearch, Logstash, Kibana) to develop, manage, and support scalable search and analytics solutions for the DISA GSM-O II program in Pearl Harbor, HI.
A successful candidate will have experience in cyber analysis/incident response and data onboarding, content development, configuration, troubleshooting, reporting, and visualizations. This role requires technical expertise in Elastic Stack, a deep understanding of SIEM architecture, and hands-on experience with data ingestion, tuning, and monitoring in secure environments.
POSITION SUMMARY:
The Senior Cyber Security Analyst/Elastic Detection Engineer develops SIEM/SOAR capabilities to support the team’s Cyber Security Service Provider (CSSP) services. This will include developing, implementing, and executing standard procedures for the "front-end" operation within Elastic. They will also be responsible for content development to include reports, dashboards, analytic rules, filters, and metrics.
PRIMARY RESPONSIBILITIES:
- Monitor and optimize the performance of Elastic Stack clusters to ensure high availability, reliability, and performance.
- Work with site threat emulation/analytic development team to maximize detection opportunities referenced to the MITRE ATT&CK framework.
- Customer Visualization Support: Support customer-driven visualization requirements and collaborate on data integration and Kibana dashboard development.
- Design, develop, and maintain custom dashboards using Elastic stack for monitoring and visualization of system metrics, logs, and traces.
- Create and maintain comprehensive documentation for Elastic Stack configurations, processes, and procedures.
BASIC QUALIFICATIONS:
- Active DoD Secret security clearance and ability to obtain TS/SCI
- DoD 8570 IAT level II or higher certification such as CompTIA Security+ CE, ISC2 SSCP, SANS GSEC prior to starting.
- DoD 8570 CSSP-A level Certification such as CEH, CySA+, GCIA or other certification is required within 180 days of hire.
- Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.
- Bachelor's degree and 8+ years of prior relevant experience; additional work
- experience or Cyber courses/certifications may be substituted in lieu of degree.
- In-depth knowledge of architecture, engineering, and operations of Elastic Stack
- Strong written and oral communications skills and strong analytical and troubleshooting skills.
- An ability to think critically and work independently.
PREFERRED QUALIFICATIONS:
- CND experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization
- Advanced certifications in Elastic Stack or SIEM are preferred
- Strong knowledge of security information and event management (SIEM) systems, data pipelines, and threat detection methodologies.
- Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
- Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
- Unix/Linux command line experience.
- Scripting and programming experience such as PowerShell, bash, or python.
- Familiarity or experience in Intelligence Driven Defense and/or Cyber Kill Chain
- methodology.
- Existing 8570 CSSP Analyst Certifications (CEH), CySA+, etc.
- Vendor specific certifications.
Original Posting Date:
2024-10-25While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range:
Pay Range $101,400.00 - $183,300.00The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
Tags: Analytics Bash CEH Clearance CND CompTIA Cyber Kill Chain DISA DoD DoDD 8570 Elasticsearch GCIA GSEC GSM Incident response Linux MITRE ATT&CK Monitoring PowerShell Python SANS Scripting Security Clearance SIEM SOAR SSCP TCP/IP Threat detection TS/SCI TTPs UNIX
Perks/benefits: Equity / stock options
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.