Elastic SIEM Analyst
Plano, Texas
posted 6 days ago
job details
summary
$60 - $65 per hour
contract
bachelor's degree
category computer and mathematical occupations
reference 1039490
job summary:
Responsibilities
Implements security monitoring and documents standard operations procedures for the Incident Management Team.
Implements security monitoring rules, reports and dashboards while maintaining best practices to ensure maximum security tool efficiency. Monitors security systems, analyzes events and investigates security-related incidents.
Creates Threat Hunting models for Endpoints and Network Traffic. Analyzes endpoint monitoring including logging, EDR, IPS and DLP tools. Analyzes network monitoring including IPS, WAF, PCAP and Netflow tools. Focuses on critical systems within Vanguard's network to detect, respond to and handle incidents related to unauthorized activity, malware, and APTs.
Keeps management within the department informed by communicating progress, issues, concerns and opportunities. Assesses and immediately notifies the manager of any potential information security breach and any security issues that may have a negative impact on business operations.
Identifies opportunities to improve the quality, efficiency and effectiveness of the department as well as the processes that affect the divisions and the enterprise. Maintains an awareness of the department's dashboard and provides suggestions to improve performance.
Identifies Tactical Intelligence relevant to Vanguard systems. Works with Incident Management and Threat Management to follow incident response procedures and ensure proper detection and mitigation controls.
Escalates internal threat issues to the Insider Threat Team.
Participates in special projects and performs other duties as assigned.
Qualifications
Experience creating security monitoring within a SIEM.
Experience creating alerts, dashboards and pipelines in Elastic.
Demonstrated initiative and ability to work independently with attention to detail.
Demonstrated ability to be flexible and exercise good judgment.
Demonstrated strong organization, multitasking and time management skills.
Experience analyzing endpoint logging, detection, response and forensic tools.
Working knowledge of AWS, Azure or GCP.
location: Plano, Texas
job type: Contract
salary: $60 - 65 per hour
work hours: 8am to 4pm
education: Bachelors
qualifications:
Experience level: Experienced
Education: Bachelors
skills:
Elastic (2 years of experience is required)
Firewall Engineering
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact [email protected] offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including health, an incentive and recognition program, and 401K contribution (all benefits are based on eligibility).
Applications accepted on an ongoing basis until filled.