Cyber Security & Elastic Developer

6-12 months Contractual role Elastic Stack Management : - Design, implement, and optimize Elasticsearch clusters for performance, scalability, and security. - Manage Kibana for data visualization and reporting, creating dashboards and visualizations for security event monitoring. - Implement Logstash pipelines for data ingestion and processing from multiple sources. - Develop and maintain Beats for collecting data from servers, cloud environments, and other systems. Cybersecurity Development : - Design and implement security solutions that leverage the Elastic Stack to detect, respond to, and mitigate security threats. - Use Elastic Security for intrusion detection, event monitoring, and threat hunting across systems. - Integrate Elastic Stack with other cybersecurity tools (IDS/IPS, firewalls, antivirus software, etc.) to gather and analyze security data. - Develop automated scripts and workflows for incident response, using data stored in Elasticsearch. Monitoring & Alerting : - Integrate New Relic and Datadog to monitor system performance, security events, and application health. - Set up performance and security alerting mechanisms across systems and services using Datadog and New Relic. - Build custom monitoring and alerting solutions for security-critical applications. Splunk Integration : - Configure and integrate Splunk for centralized log aggregation, searching, and alerting. - Build custom Splunk dashboards and searches to monitor security and system events. - Work with Splunk to develop security incident detection rules and integrate data sources for enhanced monitoring. Data Analytics & Threat Intelligence : - Analyze log data and security events from multiple tools (Elastic Stack, Splunk, Datadog, New Relic) to identify patterns and potential security threats. - Leverage threat intelligence feeds and correlate with system logs to detect Indicators of Compromise (IoC) and abnormal behavior. - Perform proactive security assessments and threat hunting using Elasticsearch queries and Kibana visualizations. Collaboration and Documentation : - Work closely with the security operations team to ensure that security data is captured, analyzed, and reported accurately. - Provide training and support to other teams on the use of Elastic Stack, Splunk, New Relic, and Datadog for security operations. - Maintain documentation for security monitoring systems, processes, and procedures. Required Skills & Qualifications : - Proven experience working with the Elastic Stack (Elasticsearch, Logstash, Kibana, Beats) in a security context. - Solid understanding of cybersecurity principles, including SIEM (Security Information and Event Management), threat detection, vulnerability management, and incident response. - Experience integrating New Relic, Datadog, and Splunk with monitoring and logging systems. - Expertise in using Elasticsearch for data analysis, querying, and creating dashboards. - Experience writing custom Logstash pipelines and Kibana visualizations for security data. - Hands-on experience in threat hunting, anomaly detection, and incident response using Elastic Security and other security monitoring tools. - Familiarity with Linux/Unix systems, scripting (Python, Bash, etc.), and automation tools. - Experience with security frameworks such as MITRE ATT&CK, OWASP, and industry compliance standards (e.g., NIST, GDPR). - Strong troubleshooting, problem-solving, and analytical skills. Desired Skills : - Experience with cloud security monitoring tools (AWS, Azure, GCP). - Familiarity with containerized environments (Docker, Kubernetes) and monitoring them with Elastic and Datadog. - Understanding of network security protocols and the ability to analyze network traffic logs. - Experience with machine learning or advanced analytics for detecting security anomalies. - Knowledge of vulnerability scanning and patch management tools. (ref:hirist.tech)

Location: in, IN

Posted Date: 1/25/2025