Cybersecurity Engineer (Elastic) Job

Who we are

We are seeking a skilled Elastic SIEM (Security Information and Event Management) Engineer to join our dynamic team. You will be responsible for designing, implementing, and maintaining Enterprise grade Elastic SIEM solutions. This role requires strong technical expertise in Elasticsearch, Logstash, Kibana, and other related technologies, along with excellent problem-solving skills and the ability to collaborate effectively with cross-functional teams.

What you'll be doing

• Design, deploy, configure, and maintain Elastic SIEM solutions to monitor and analyze security events and logs across the organization's infrastructure
• Develop custom dashboards, visualizations, and alerts in Kibana to provide real-time insights into security threats and vulnerabilities
• Collaborate with security analysts, threat hunters, and incident responders to enhance detection capabilities and response times
• Perform log ingestion, normalization, and enrichment using Logstash or other data processing tools
• Conduct regular audits and reviews of Elastic SIEM configurations to ensure optimal performance and adherence to security best practices
• Troubleshoot and resolve issues related to Elastic SIEM components, including Elasticsearch clusters, index management, and data ingestion pipelines
• Stay current with industry trends, emerging threats, and new features in Elastic SIEM technology, and recommend improvements or updates to existing systems
• Provide technical guidance and training to junior members of the security team on Elastic SIEM usage, configuration, and troubleshooting

What you'll bring along

• Bachelor’s degree in computer science, Information Security, or a related field; or equivalent work experience
• Proven experience working with Elastic SIEM, Elasticsearch, Logstash, and Kibana in large-scale enterprise environments
• Strong understanding of security operations concepts, including threat detection, incident response, and log analysis
• Proficiency in one scripting languages such as Python, Shell, or PowerShell for automation and customization tasks
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams
• Security certifications such as Elastic Certified Engineer (ECE) are a plus

       Preferred Qualifications:

• Experience with other SIEM solutions such especially Exabeam
• Knowledge of network security technologies, including firewalls, intrusion detection/prevention systems, and endpoint security solutions
• Experience with cloud security monitoring platforms (e.g., Azure Monitor, Google Cloud Security Command Center)
• Familiarity with DevOps practices and tools for continuous integration and deployment (CI/CD)