Detection Analyst (Elastic)
Charleston, SC, United States
USD 130K-140K (estimate) Mid-level Full Time
Tasks
- Analyze threat intelligence to refine detections
- Assess detection tool efficacy through program reviews
- Coordinate detection strategy with reporting agencies and subscriber sites
- Correlate logs using Elastic Security
- Create and optimize IDS/IPS signatures
- Develop detection rules and logic in Elastic Security
- Document detection creation and implementation processes
- Integrate detections into monitoring and incident response workflows
- Maintain and update detections for evolving threats
- Validate and test detections to reduce false positives
Perks/Benefits
- N/A
Skills/Tech-stack
EQL | ESQL | Elastic Defend | Elastic Security | Elasticsearch | Elasticsearch Query | Elasticsearch Query Language | Event Query Language | IDS/IPS | Indicator management | KQL | Kibana Query Language | Log Correlation | MITRE ATT&CK | Query Language | Signature development | Threat Intelligence | Threat hunting