JobMesh

SIEM Platform Engineer

Booz Allen Hamilton · Arlington, Texas, US


Job description

The Opportunity: Work with clients and peers to build a high-performing system that uses Elastic to aggregate logs from many systems into a single common schema. Use Elastic Common Schema (ECS) formatted fields, create quality visualizations and alerts that analysts can use for threat hunting, maintain the infrastructure, and identify problems or anomalous behavior early, so they can be acted on before they become a larger issue. Work with the vendor to determine best practices for deploying and maintaining the system architecture, and deploy within the designated security requirements.

You Have:

- 3+ years of experience with SIEM platforms such as Splunk Enterprise Security, Elastic Security, Kibana, Sentinel, or Chronicle
- 1+ years of experience designing data pipeline architectures for security operations, including log collection, normalization, enrichment, and routing
- 1+ years of experience with Elastic Stack, Logstash, Elasticsearch, Kibana, and Beats, including installing, configuring, maintaining, upgrading, and troubleshooting these products
- Experience architecting detection engineering pipelines, threat hunting workflows, or automated response capabilities
- Experience wit...