Security Engineer - Elasticsearch
Requirements:
• The successful candidate must have a strong command of Elastic setup, operations, alerting, use case development and implementation, configuration, maintenance, optimization and reporting.
• Real-world security experience in the financial services (banking, brokerage and insurance), technology, government or retail industries.
• Significant experience with the setup and technical operation of syslog, IDS, WAFs and malware analysis, including custom signature development.
• Strong skills in security operations, forensics, daily security report review, threat intelligence, firewalls, Denial of Service detection and mitigation, etc.
• Experience with PCI DSS, ISO 27001 and SOC 2 certifications and audits.
• Audit evidence collection, processing, labeling, management, etc.
• Additionally, the candidate should have a command of secure configuration and system hardening on Linux and Windows, and of incident investigation.
• The Information Security Engineer is responsible for documentation including reports, presentations, run books, incident reviews, threat impact assessments, mitigation tactics, remediation strategies and related items.
• Demonstrable experience in an internal Security Operations Center or with an MSSP.
• Ability to present solutions, field questions and respond to inquiries on certifications, controls, policies, APTs, emerging security issues, trends, statutory mandates, etc.
Technologies:
• Linux
• Elastic
• AWS Segmentation & Cloud Security
• AWS Shield
• AWS GuardDuty
• iptables
• Windows / Microsoft 365
• MS Excel (pivots, VLOOKUP, analysis, etc.)
• syslog / rsyslog
• Qualys
• Tenable
• OneTrust
• Microsoft 365 Compliance and DLP tools
• Google Chronicle
Qualifications:
• Security+, CISA, CISSP, etc. are beneficial but not required.
• 3 years of system expertise with Linux and Windows.
• 3 years of security event management, security-focused Linux system administration, security audits, forensic investigation on Linux, and global security operations.
• 3 years of system and application security management.
• 2 years of hands-on Elastic experience and/or Elastic certification.