Lead Cybersecurity Consultant with Elastic Stack

Remote Full-time
Role : Cybersecurity Lead Consultant with Elastic Stack

Location : USA/Remote Work

Experience
• 10–12 years of overall experience in Cybersecurity / Information Security
• 5–6 years of hands-on experience with Elastic Stack (ELK / Elastic Security)
• Monitoring and Investigation experience is required

Job Summary:

We are seeking a highly experienced Cybersecurity professional with deep expertise in Elastic SIEM and security analytics. The role involves designing, implementing, and managing Elastic-based security monitoring solutions, leading threat detection initiatives, and supporting incident response and SOC operations across enterprise environments.
Key Responsibilities

Elastic SIEM & Security Operations
• Design, deploy, and manage Elastic Stack (Elasticsearch, Logstash, Kibana, Beats / Elastic Agent)
• Implement and maintain Elastic Security (SIEM & EDR) solutions
• Develop, tune, and optimize detection rules, alerts, and dashboards
• Map detections to MITRE ATT&CK framework
• Perform log onboarding for security devices, servers, endpoints, and cloud platforms

Threat Detection & Incident Response
• Monitor and analyze security events to identify threats, anomalies, and intrusions
• Lead incident investigations, root cause analysis, and forensic activities
• Support SOC teams with advanced threat hunting using Elastic
• Reduce false positives and improve detection accuracy

Log Management & Data Engineering
• Build and optimize log ingestion pipelines using Logstash and Ingest Pipelines
• Normalize and enrich security data from multiple sources
• Ensure scalability, performance tuning, and index lifecycle management (ILM)

Cloud & Endpoint Security
• Integrate Elastic with AWS / Azure / GCP security logs
• Monitor Kubernetes, containers, and cloud-native workloads
• Implement and manage Elastic Endpoint Security (EDR)

Leadership & Collaboration
• Act as technical lead for Elastic SIEM initiatives
• Mentor junior analysts and engineers
• Work closely with SOC, IR, DevOps, and compliance teams
• Support audits, risk assessments, and compliance requirements

Required Skills & Qualifications

Technical Skills
• Strong expertise in Elastic Stack (ELK) and Elastic Security
• Experience with SIEM, SOC operations, and threat hunting
• Proficiency in Linux, networking, TCP/IP, DNS, HTTP
• Scripting skills (Python, Bash, or similar)
• Experience with REST APIs and JSON
• Strong understanding of attack vectors, malware, and adversary tactics

Security Knowledge
• Incident response & digital forensics
• Threat intelligence and use case development
• MITRE ATT&CK, kill chain, IOC management
• Knowledge of compliance frameworks (ISO 27001, SOC 2, PCI-DSS – preferred)

Preferred / Nice to Have
• Elastic Certified Engineer / Analyst
• Experience with Splunk, QRadar, or other SIEMs
• Cloud security certifications (AWS/Azure/GCP)
• CISSP, GCIA, GCIH, or similar certifications

Soft Skills
• Strong analytical and problem-solving skills
• Ability to work in high-pressure incident situations
• Excellent communication and documentation skills
• Leadership and mentoring mindset
