Elastic Engineer - Analyst

February 24

Apply Now

Receive Emails with Similar Jobs

E4T SAC

WebsiteLinkedInAll Job Openings

E4T SAC is a company that specializes in providing digital signage solutions, integrating technology to enhance user experiences through dynamic content delivery. They focus on the management and consent of cookies to optimize online services, ensuring compliance with privacy regulations while delivering tailored marketing experiences.

broadcast • media • satellite • digitalTV • telecommunication

2 - 10 employees

🛍️ eCommerce

☁️ SaaS

📋 Description

• You are passionate about Cybersecurity and have experience building and deploying distributed ELK (Elasticsearch, Logstash, and Kibana) stacks. • You will help develop, enhance, design, deploy, and maintain our cyber programs, data analytics, threat hunting, and machine learning modules. • Be the primary subject matter expert for log ingestion/analysis. • Develop ELK stacks as infrastructure as code. • Implement Logstash configuration files, set up data pipelines for various log types such as Syslog. • Design, access, and maintain data stores, feeds, and associated tools based on ELK to fully integrate environments with multiple data sources including third-party applications. • Develop automation scripts to identify anomalies and visualize them in Kibana. • Identify, design, and implement improvements such as automating manual processes, optimize delivery of data, and re-design infrastructure as required. • Assist in the development of network intrusion analytics as part of a larger team. • Configure and maintain Linux-based OS in support of ELK stack. • Document the installation and configuration for production deployments.

🎯 Requirements

• Elastic Certified Engineer. • Ability to configure, maintain, and troubleshoot multiple Elastic environments at on-premises and Elastic-Cloud. • Experience with Elastic Stack architecture, design, and deployment. • Deep understanding of Elasticsearch internals, including indexing, search, and data aggregation. • Skills in managing enterprise level Elasticsearch clusters, handling cluster health, performance tuning, scaling, and ensuring high availability. • Proficiency in Elasticsearch Query DSL for complex queries, aggregations, and data analytics. • Proficiency in programming languages such as Java, Python, or Ruby. • Knowledge of scripting languages for automation is also beneficial. • Proven track record working in cybersecurity, understanding common attack vectors, threat landscapes, and defensive technologies. • Proficiency in implementing security measures within Elasticsearch, such as role-based access control, encryption, index security, and audit logging. • Skills in managing and analyzing logs and security events from various sources (firewalls, IDS/IPS systems, network devices, operating systems) using the ELK stack. • Advanced ability to craft complex queries, alerts, and visualizations tailored for cybersecurity needs, such as detecting anomalies and potential threats. • Proficiency in data parsing using GROK/DISSECT, ingestion, and ETL workflows. • Expertise in developing complex Elasticsearch Watchers. • Experience in Elastic Security, Detection Rules, Machine Learning and AI Assistant. • Proficiency in developing Elasticsearch solutions to specific security needs, such as custom dashboards and reports for ongoing monitoring.