Cyber Security Incident and Event Management/Elastic Specialist Job at Diligent Consulting, Washington DC

  • Diligent Consulting
  • Washington DC

Job Description


US CITIZEN ONLY. SECRET CLEARANCE REQUIRED. MUST HAVE IT-II CERT (IE SECURITY+)

SIEM/Elastic Specialist will:

• Be responsible for designing & setting up the ingestion of various customer data flows to include pre-processing data into a useable format, ensuring proper parsing and indexing
• Collaborate with cross-functional teams and be responsible for designing & integrating Elastic with a wide variety of data sources and developing associated knowledge objects such as queries, dashboards, reports, and alerts for monitoring and analytics
• Perform data transformation using Elastic query language 
• Track the health of the Elastic environment and optimize its performance. Troubleshoot and resolve issues related to security, performance, data indexing, and searches
• Perform watch-officer monitoring duties, including:
○ Monitoring, detecting, investigating, and responding to cybersecurity threats and events using the Elastic/SIEM platform
○ Reviewing correlated alerts and logs for compromise scenarios
○ Performing triage of security alerts to prioritize response
○ Identifying false positives
○ Investigating security incidents and determining root cause
○ Collecting and preserving logs for analysis
○ Escalating confirmed incidents to leadership or SOC teams
○ Coordinating with IT or DevOps for containment and remediation
○ Creating after-action reports (AAR) post-incident
• In addition, the role may include assistance with monitoring Vulnerability Management tools, such as ACAS and ePO.

QUALIFICATIONS:

• Have at least three years of working knowledge and hands-on experience with Elastic/Splunk query languages, monitoring SIEM dashboards and real-time alerts, fine-tuning SIEM rules to reduce noise, and NIST 800-53 & DevSecOps frameworks

Job Tags

Full time
