SIEM Specialist

SIEM / Elastic Specialist will :

Be responsible for designing & setting up the ingestion of various customer data flows to include pre-processing data into a useable format, ensuring proper parsing and indexing

Collaborate with cross-functional teams and responsible for designing & integrating Elastic with a wide variety of data sources and developing associated knowledge objects such as queries, dashboards, reports, alerts for monitoring and analytics

Perform data transformation using Elastic query language

Track the health of the Elastic environment and optimize its performance. Troubleshoot and resolve issues related to security, performance, data indexing, and searches

Perform watch-officer monitoring duties, including :

• monitoring, detecting, investigating, and responding to cybersecurity threats and events using Elastic / SIEM Platform
• Reviewing correlated alerts and logs for compromise scenarios
• Performing triage of security alerts to prioritize response
• Identifying false positives
• Investigating security incidents and determining root cause
• Collecting and preserving logs for analysis
• Escalating confirmed incidents to leadership or SOC teams
• Coordinating with IT or DevOps for containment and remediation
• Creating after-action reports (AAR) post-incident

In addition, the role may include assistance with monitoring Vulnerability Management tools, such as ACAS and ePO

Minimum Qualifications

Other Job Specific Skills

Compensation Ranges

Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.

EEO Requirements

It is the policy of ASM that an individual's race, color, religion, sex, disability, age, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.

All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, disability, or age. All decisions on employment are made to abide by the principle of equal employment.

Physical Requirements

The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. (For example, "light office duties' or "lifting up to 50 pounds" or "some travel" required.) Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions.

Disclaimer

The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.