Talent.com
Cyber Security Associate - Elastic/SIEM SME
Cyber Security Associate - Elastic/SIEM SMEGovCIO • San Antonio, TX, US
serp_jobs.error_messages.no_longer_accepting
Cyber Security Associate - Elastic / SIEM SME

Cyber Security Associate - Elastic / SIEM SME

GovCIO • San Antonio, TX, US
job_description.job_card.1_day_ago
serp_jobs.job_preview.job_type
  • serp_jobs.job_card.full_time
job_description.job_card.job_description

Overview

GovCIO is currently hiring for an Elastic / Security Information and Event Management SME to support implementation of multi-domain zero trust across 16th Air Force IT enclaves. Incumbents will be responsible for the operation, optimization, configuration, and maintenance of Elastic Stack. Additionally, the incumbents will be responsible for integration of new data feeds into the Elastic stack and optimization of reporting / data outputs. This position will be located in San Antonio, TX and will be an onsite position.

Responsibilities

  • Design, configure, and optimize Elastic Stack components (Elasticsearch, Logstash, Kibana, Beats) to meet operational requirements.
  • Develop and implement scalable Elastic solutions for data ingestion, processing, and visualization.
  • Perform cluster management, including scaling, performance tuning, and troubleshooting.
  • Collaborate with stakeholders to gather requirements and design Elastic-based solutions tailored to mission needs.
  • Develop and document architecture diagrams, workflows, and technical specifications.
  • Integrate Elastic Stack with other tools and platforms, such as SIEMs, data lakes, and cloud environments.
  • Support incident response teams by providing real-time data analysis and visualization using Elastic tools.
  • Implement security best practices for Elastic Stack, including role-based access control (RBAC), encryption, and auditing.
  • Ensure compliance with DoD security standards, including DISA STIGs and RMF requirements.
  • Develop scripts and automation tools for Elastic Stack deployment, configuration, and monitoring.
  • Write custom parsers, filters, and pipelines for data ingestion and transformation.
  • Collaborate with software development teams to integrate Elastic solutions into CI / CD pipelines.
  • Monitor Elastic Stack performance and availability, ensuring high uptime and reliability.
  • Perform regular upgrades, patching, and maintenance of Elastic components.
  • Troubleshoot and resolve issues related to data ingestion, indexing, and querying.

Qualifications

High School with 10 years combined SIEM, Incident Responder, or CND experience

Required Skills and Experience

  • In-depth knowledge of Elastic Stack components (Elasticsearch, Logstash, Kibana, Beats).
  • Experience with Elastic cluster design, scaling, and performance optimization.
  • Proficiency in creating custom dashboards, visualizations, and alerts in Kibana.
  • Strong understanding of data ingestion, ETL pipelines, and log aggregation.
  • Experience with JSON, REST APIs, and Elasticsearch Query DSL.
  • Familiarity with data formats such as JSON, XML, and CSV.
  • Knowledge of incident response processes and tools.
  • Ability to analyze logs and events to support forensic investigations and threat hunting.
  • Clearance Required : TS / SCI
  • Elastic Certified Engineer or Elastic Certified Analyst.
  • DoD 8570.01-M / DoD 8140 IAT Level II or III certification.
  • Preferred Skills and Experience

  • Familiarity with cloud platforms (AWS, Azure, Google Cloud Platform) and Elastic Cloud.
  • Experience with SIEM tools such as Splunk, ArcSight, or QRadar.
  • Knowledge of network protocols, firewalls, and load balancers.
  • Strong analytical and problem-solving skills.
  • Excellent communication and documentation skills.
  • Experience working within the Intelligence and / or DOD Cyber Communities
  • Elastic Certified Observability Engineer.
  • GIAC Certified Incident Handler (GCIH).
  • AWS Certified Solutions Architect or equivalent cloud certification.
  • Company Overview

    GovCIO is a team of transformers–people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens.

    But we can't do it alone. We need great people to help us do great things – for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer?

    What You Can Expect

    Interview & Hiring Process

  • During the Interview Process
  • Virtual video interview conducted via video with the hiring manager and / or team
  • Camera must be on
  • A valid photo ID must be presented during each interview
  • During the Hiring Process
  • Enhanced Biometrics ID verification screening
  • Background check, to include :
  • Criminal history (past 7 years)
  • Verification of your highest level of education
  • Verification of your employment history (past 7 years), based on information provided in your application
  • Employee Perks

  • Employee Assistance Program (EAP)
  • Corporate Discounts
  • Learning & Development platform, to include certification preparation content
  • Training, Education and Certification Assistance
  • Referral Bonus Program
  • Internal Mobility Program
  • Pet Insurance
  • Flexible Work Environment
  • Available to full-time employees
  • Our employees' unique talents and contributions are the driving force behind our success in supporting our customers, which ultimately fuels the success of our company. Join us and be a part of a culture that invests in its people and prioritizes continuous enhancement of the employee experience.

    We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability / vets.

    Posted Pay Range

    The posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an "at-will position" and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department / team performance, and market factors.

    Posted Salary Range

    USD $180,000.00 – USD $210,000.00 / Yr.

    J-18808-Ljbffr

    serp_jobs.job_alerts.create_a_job

    Cyber Security • San Antonio, TX, US