Leidos · posted 8 months ago
$104,650 - $189,175/Yr
Full-time • Senior
Joint Base Pearl Harbor-Hickam, HI
Professional, Scientific, and Technical Services

Leidos has a current job opportunity for a Senior Cybersecurity Engineer specializing in data integration, content development, and system architecture. Working with Elastic Stack (Elasticsearch, Logstash, Kibana), the individual would lead a team in developing, managing, and optimizing scalable search and analytics solutions for the DISA GSM-O II program in Pearl Harbor, HI. A successful candidate will have experience in cyber analysis, incident response, SIEM operations, content development, visualizations, and reporting. This role requires technical expertise with Elastic, a deep understanding of SIEM architecture, and hands-on experience working with cybersecurity relevant data, cyber incident handling, and monitoring in secure environments.

  • Monitor and optimize the performance of content within the Elastic Stack clusters to ensure high availability, reliability, and performance of content supporting the Cyber Security Service Provider (CSSP) services.
  • Create and maintain comprehensive documentation for content, processes, and procedures.
  • Design, develop, and maintain custom dashboards using Elastic for monitoring and visualization of metrics, logs, and traces.
  • Support customer-driven visualization requirements and collaborate on data integration and Kibana dashboard development.
  • Work with the site threat emulation/analytic development team to maximize detection opportunities correlated with the MITRE ATT&CK framework.
  • Active DoD Secret security clearance and ability to obtain TS/SCI.
  • An ability to think critically, work independently, and regularly communicate updates to the supported stakeholders.
  • Highly motivated and able to work independently with minimal supervision, while also thriving in a collaborative team environment.
  • Strong written and oral communications skills and strong analytical and troubleshooting skills.
  • In-depth knowledge of architecture, engineering, and operations of Elastic Stack.
  • Demonstrated commitment to training, self-study, and maintaining proficiency in the technical cyber security domain.
  • Bachelor's degree and 8+ years of prior relevant experience; additional work experience or cyber courses/certifications may be substituted in lieu of degree.
  • DoD 8570 CSSP-A level Certification such as CEH, CySA+, GCIA or other certification is required within 180 days of hire.
  • DoD 8570 IAT level II or higher certification such as CompTIA Security+ CE, ISC2 SSCP, SANS GSEC prior to starting.
  • CND experience (Protect, Detect, Respond, and Sustain) within a Computer Incident Response organization.
  • Advanced certifications or any formal certified training in Elastic or other SIEMs are preferred.
  • Strong knowledge of security information and event management (SIEM) systems, data pipelines, and threat detection methodologies.
  • Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures (TTPs).
  • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
  • Proven ability to develop, test, and deploy high-fidelity security analytics and detection rules.
  • Experience with a scripting language like Python is highly desirable.
  • Proficiency with GitLab (or similar version control systems) and collaboration platforms (e.g., Microsoft Teams, Slack).
  • Familiarity or experience in Intelligence-Driven Defense and/or Cyber Kill Chain methodology.
  • Exceptional analytical and problem-solving skills with a keen eye for identifying and addressing security gaps.
  • Demonstrated ability to analyze existing processes, identify areas for improvement, and implement solutions to enhance efficiency and effectiveness.
  • Existing 8570 CSSP Analyst certifications (CEH, CySA+, etc.).
  • Vendor-specific certifications.
  • Company-paid relocation to Hawaii.
  • Competitive compensation plans (including health and wellness programs, flexible leave, and an immediately vested 401k).
  • Robust professional development and career growth programs within the defensive cyber space (including upskilling opportunities, mentorship, and 1:1 guidance and job matchmaking from career coaches).