Cyber Security Incident and Event Management/Elastic Specialist Job at Diligent Consulting Inc, Washington DC

cFZURExaV2dEOHdwUmdlbWZ5dzZPU1ZWSFE9PQ==
  • Diligent Consulting Inc
  • Washington DC

Job Description

US CITIZEN ONLY. SECRET CLEARANCE REQUIRED.  MUST HAVE IT-II CERT (IE SECURITY+)

SIEM/Elastic Specialist will:

• Be responsible for designing & setting up the ingestion of various customer data flows to include pre-processing data into a useable format, ensuring proper parsing and indexing
• Collaborate with cross-functional teams and responsible for designing & integrating Elastic with a wide variety of data sources and developing associated knowledge objects such as queries, dashboards, reports, alerts for monitoring and analytics
• Perform data transformation using Elastic query language 
• Track the health of the Elastic environment and optimize its performance. Troubleshoot and resolve issues related to security, performance, data indexing, and searches
• Perform watch-officer monitoring duties, including:
○ monitoring, detecting, investigating, and responding to cybersecurity threats and events using Elastic /SIEM Platform
○ Reviewing correlated alerts and logs for compromise scenarios
○ Performing triage of security alerts to prioritize response
○ Identifying false positives
○ Investigating security incidents and determining root cause
○ Collecting and preserving logs for analysis
○ Escalating confirmed incidents to leadership or SOC teams
○ Coordinating with IT or DevOps for containment and remediation
○ Creating after-action reports (AAR) post-incident
• In addition, the role may include assistance with monitoring Vulnerability Management tools, such as ACAS and ePO.

QUALIFICATIONS:

• Have at least three years of working knowledge and hands-on experience with Elastic/Splunk query languages, monitoring SIEM dashboards and real-time alerts, fine-tuning SIEM rules to reduce noise, and NIST 800-53 & DevSecOps frameworks

 

Job Tags

Full time,

Similar Jobs

ATC Chicago

School Nurse Registered Nurse-RN Job at ATC Chicago

 ...The SCHOOL NURSE provides nursing services to the student population in various environments. The school Nurse works cooperatively with the school staff, parents, and guardians to provide for the health care needs of students. The school Nurse works under the supervision... 

Wichita Collegiate School

Athletic Director Job at Wichita Collegiate School

 ...Independent School located in Wichita, KS, is looking for an Athletic Director. The Athletic Director is responsible for leading,...  ...Administration Recruit, supervise, and evaluate coaches and assistant coaches. Lead coaches and assistant coaches onboarding.... 

The Mob Museum

Educator Job at The Mob Museum

Position Overview Educators are responsible for engaging guests within The Mob Museum galleries, facilitating the Museums interactive mediated experiences, and providing accurate and fun educational content throughout the Museum. Regular duties include initiating one... 

Elevait Solutions

Security Officer Job at Elevait Solutions

 ...Job Title: Security Officer Location: Philadelphia PA Duration: 5+ Months Job Type: Contract Note : Temp...  ...Top 3 Keywords: 1. PA Act 235 Certification 2. Healthcare / Hospital Security 3. Crisis Intervention / Patient Restraint Response... 

Department of Fish and Wildlife

Information Security Officer Job at Department of Fish and Wildlife

 ...team of professionals dedicated to cybersecurity, privacy, and eDiscovery. Youll be the Departments Information Security Officer, responsible...  ...most, CDFW is ready for you. This position is designated as remote-centered and will report in the office a minimum of 2 days per...