Job Description

Description Leidos has a current job opportunity for a Senior Cybersecurity Engineer specializing in data integration, content development, and system architecture. Working with Elastic Stack (Elasticsearch, Logstash, Kibana), the individual would lead a team in developing, managing, and optimizing scalable search and analytics solutions for the DISA GSM-O II program in Pearl Harbor, HI. A successful candidate will have experience in cyber analysis, incident response, SIEM operations, content development, visualizations, and reporting. This role requires technical expertise with Elastic, a deep understanding of SIEM architecture, and hands-on experience working with cybersecurity relevant data, cyber incident handling, and monitoring in secure environments.

POSITION SUMMARY:

The Senior Cybersecurity / Elastic Detection Engineer will lead in the development of SIEM/SOAR capabilities to support the team’s Cyber Security Service Provider (CSSP) services. They will create, test, implement, and execute standard procedures for the "front-end" operation within Elastic. They will also develop reports, dashboards, analytic rules, filters, and metrics.

PRIMARY RESPONSIBILITIES:

Monitor and optimize the performance of content within the Elastic Stack clusters to ensure high availability, reliability, and performance of content supporting the CSSP services. Create and maintain comprehensive documentation for content, processes, and procedures. Design, develop, and maintain custom dashboards using Elastic for monitoring and visualization of metrics, logs, and traces. Support customer-driven visualization requirements and collaborate on data integration and Kibana dashboard development. Work with the threat emulation/analytic development team to maximize detection opportunities correlated with the MITRE ATT&CK framework.

BASIC QUALIFICATIONS:

Active DoD Secret security clearance and ability to obtain TS/SCI. Ability to think critically, work independently, and communicate updates to stakeholders. Highly motivated, able to work independently with minimal supervision, and thrive in a team environment. Strong written and oral communication skills, along with analytical and troubleshooting skills. In-depth knowledge of Elastic Stack architecture, engineering, and operations. Commitment to training, self-study, and maintaining proficiency in cybersecurity. Bachelor's degree and 8+ years of relevant experience; additional work experience or cyber courses/certifications may substitute for degree. DoD 8570 CSSP-A level Certification (e.g., CEH, CySA+, GCIA) within 180 days of hire. DoD 8570 IAT level II or higher certification (e.g., Security+ CE, SSCP, GSEC) prior to starting.

PREFERRED QUALIFICATIONS:

CND experience within a Computer Incident Response organization. Advanced certifications or formal training in Elastic or other SIEMs. Strong knowledge of SIEM systems, data pipelines, and threat detection methodologies. Understanding of network threats, attack vectors, TTPs, TCP/IP, protocols, system administration, OSI model, defense-in-depth, and security elements. Ability to develop, test, and deploy high-fidelity security analytics and detection rules; scripting experience (e.g., Python) is desirable. Proficiency with GitLab or similar version control, and collaboration platforms like Teams or Slack. Experience with Intelligence-Driven Defense or Cyber Kill Chain methodology. Exceptional analytical and problem-solving skills. Existing 8570 CSSP Analyst Certifications (e.g., CEH, CySA+), vendor-specific certifications. #J-18808-Ljbffr Leidos

Job Tags

Work experience placement,

Similar Jobs