Elastic Security Engineer

Job Summary

As a Elastic Security Engineer at EDB you report directly to the Director of Security Operations and are a trusted member of the staff. Your work focuses on the engineering of security controls that protect detect and respond to cyber threats across the enterprise. The role requires the ability to design implement and operationalize critical security controls as well as work with stakeholder teams on their own control implementations.

The ideal candidate must be comfortable working in a global environment that supports flexible work schedules with the usual availability and on-call requirements of a security operations function. Whether you are looking to expand the breadth of your current role build a new security foundation or just needing a change of pace this role is for you!

**Candidate Note: This role is 100% remote we are looking for candidates only in the United States.

What your impact will be:

• Architect administer configure and optimize our SIEM platform (Elastic Security) to collect and correlate security event data.

• Perform regular SIEM platform upgrades and ensure its scalability and reliability.

• Monitor security logs alerts and reports to identify potential security issues and anomalies.

• Create and maintain custom SIEM rules alerts and dashboards to detect and respond to security incidents.

• Conduct in-depth log analysis to investigate security incidents breaches or suspicious activities.

• Utilize Elasticsearch to index and search security-related data for analysis and reporting.

• Collaborate with the team to build and maintain Elasticsearch-based security solutions.

• Incorporate threat intelligence feeds into SIEM and Elasticsearch for proactive threat hunting.

• Play a key role in the incident response process by identifying and mitigating security incidents promptly.

What you will bring:

• Proven experience as a Security Engineer with a focus on SIEM and Elasticsearch technologies.

• Expertise in Elasticsearch including data indexing querying and visualization.

• Familiarity with scripting and programming languages (e.g. Python) for automation and custom tool development.

• Excellent problem-solving skills and the ability to work under pressure in incident response scenarios.

• Strong communication skills both written and verbal to effectively convey complex security concepts.

• Develop and maintain key delivery artifacts supporting timelines diagrams guides procedures recommendations and the communication of decisions.

• Supported environments with cloud native technology stacks

• Detailed oriented customer focused and proactive in nature

• Knowledge of cybersecurity frameworks and standards (e.g. SOC2 ISO 27001 )

• Experience with the following: Multiple Operating Systems (macOS Windows Linux) Endpoint Detection and Response (EDR) Cloud Native stacks Security Information and Event Management (SIEM) tools log management intrusion detection email gateways and network security

#LI-Remote