Sr. SIEM Engineer (Elastic + Confluent).

Location: #Fort_Belvoir, VA.
Salary: $160,700 - $306,500.
Employer: Accenture Federal Services.

Responsibilities:
• Design, deploy, configure, and maintain Elastic stack and Confluent deployments;
• Manage, patch, and upgrade Elasticsearch, Confluent, and other related systems;
• Tune and optimize Elastic stack deployments based on application/customer needs;
• Design and configure ETL data pipelines to ingest customer defined data sets such as application logs, metrics, and or threat events;
• Create custom visualizations and dashboards using Kibana;
• Configure and maintain index templates and information lifecycle management (ILM) policies;
• Develop Elastic alerting solutions using Watcher and/or Kibana Rules and Connectors with integrations to ticketing systems, email, and messaging apps as required;
• Develop Machine Learning (ML) jobs to dynamically monitor and alert on identified metrics, KPIs, and/or data anomalies;
• Follow ITIL based change management processes to move solutions from Dev to Test and into Production;
• Run the day-to-day operations of the security operations center;
• Investigate incidents and lead response efforts as applicable.

Requirements:
• Secret clearance is required to maintain this position;
• Compliance with one of the DoD 8140 / 8570 IAT Level II certification prior to start date (CompTIA Security+ CE, CySA+, CCNA Security, GSEC, GICSP);
• 3+ years of hands-on experience in deployment, configuration, and solution development using the Elastic Stack for security and logging use-cases;
• Demonstrated experience with the full Elastic Stack: Elasticsearch, Logstash, Kibana, Beats, Machine Learning, and REST API integration;
• Experience in developing data structures and data mapping from various sources to achieve data normalization using Elastic Common Schema;
• Experience developing Logstash and/or Elastic Ingest Pipelines;
• Experience developing custom visualizations and dashboards using Kibana, including creating specialized reporting solutions through Elasticsearch and Kibana APIs to meet complex stakeholder requirements;
• Certified Elastic Engineer or willingness to gain certification within 90 days of hire.

⚡ %contact_placeholder%

#Офис #ИБ

Senior SIEM Engineer (Elastic + Confluent)