Elastic Security Engineer
Job Summary
As an Elastic Security Engineer at EDB you report directly to the Director of Security Operations and are a trusted member of the staff. Your work focuses on the engineering of security controls that protect, detect, and respond to cyber threats across the enterprise. The role requires the ability to design, implement, and operationalize critical security controls, as well as to work with stakeholder teams on their own control implementations.
The ideal candidate must be comfortable working in a global environment that supports flexible work schedules, with the usual availability and on-call requirements of a security operations function. Whether you are looking to expand the breadth of your current role, build a new security foundation, or just need a change of pace, this role is for you!
Candidate Note: This role is 100% remote; we are looking for candidates only in the United States.
What your impact will be:
Architect, administer, configure, and optimize our SIEM platform (Elastic Security) to collect and correlate security event data.
Perform regular SIEM platform upgrades and ensure its scalability and reliability.
Monitor security logs, alerts, and reports to identify potential security issues and anomalies.
Create and maintain custom SIEM rules, alerts, and dashboards to detect and respond to security incidents.
Conduct in-depth log analysis to investigate security incidents, breaches, or suspicious activities.
Utilize Elasticsearch to index and search security-related data for analysis and reporting.
Collaborate with the team to build and maintain Elasticsearch-based security solutions.
Incorporate threat intelligence feeds into SIEM and Elasticsearch for proactive threat hunting.
Play a key role in the incident response process by identifying and mitigating security incidents promptly.
What you will bring:
Proven experience as a Security Engineer with a focus on SIEM and Elasticsearch technologies.
Expertise in Elasticsearch, including data indexing, querying, and visualization.
Familiarity with scripting and programming languages (e.g. Python) for automation and custom tool development.
Excellent problem-solving skills and the ability to work under pressure in incident response scenarios.
Strong communication skills, both written and verbal, to effectively convey complex security concepts.
Develop and maintain key delivery artifacts supporting timelines, diagrams, guides, procedures, recommendations, and the communication of decisions.
Experience supporting environments built on cloud native technology stacks.
Detail oriented, customer focused, and proactive in nature.
Knowledge of cybersecurity frameworks and standards (e.g., SOC2, ISO 27001).
Experience with the following: multiple operating systems (macOS, Windows, Linux), Endpoint Detection and Response (EDR), cloud native stacks, Security Information and Event Management (SIEM) tools, log management, intrusion detection, email gateways, and network security.