• Bachelor in Engineering, Computer Science, or a similar field
• Minimum of 6 years experience in a related field
• 1 year of experience required ElasticStack
• Associate's degree with 8 years OR 10 years of IT experience
• 1 year of experience with Unix OS and ElasticSearch
• 2 years of experience in US Military C2 or Commercial LAN/WAN systems Admin
• ElasticStack Certified Administrator (within 6 months of start)
• DoD 8570 IAT-III certification (ie. CISSP, CASP, GCIH, CISA, GCED).

• Provide Security Information Event Management (SIEM) engineering and operational support using ElasticStack and other SIEM tools.
• Provide security analysts with correlated and consolidated views of security events from across the network, enabling SIEM users to develop a comprehensive understanding of the security environment from a single point.
• Using ElasticSearch, provide a network forensics capability to support post-mortems on previous attacks and provide trend analysis capability to assist the security analysts in the development of plans to protect the infrastructure from future attacks.
• Design, implement, and monitor data feeds from various technology areas on multiple networks.
• The ElasticStack product is used on Linux-based servers and systems.

#clearance

EOE/ADA
#LI-SRG10
IND123