Job Summary
Security Specialist ElasticSearch / Elastic SIEM
Key Responsibilities
Skill Requirements
Elastic Security : ElasticSearch, Kibana, Elastic Security alerts, timelines, cases, Discover, dashboards Query / Analysis : KQL, Lucene, basic ElasticSearch DSL/EQL, event correlation, log search and filtering SOC Operations : Alert triage, prioritization, escalation, investigation notes, false-positive analysis, shift handover Log Sources : Endpoint, Windows/Linux, firewall, proxy, DNS, VPN, web/app, cloud, identity, SAP and non-SAP logs Ticketing : ServiceNow, Jira, incident/task documentation, SOP-based execution Security Knowledge : MITRE ATT&CK; basics, NIST/ISO awareness, network fundamentals: TCP/IP, DNS, HTTP/S, VPN, proxies
Other Requirements
Preferred Skills Splunk / SAP Enterprise Threat Detection / Microsoft Sentinel exposure. EDR tools: CrowdStrike, SentinelOne, Microsoft Defender for Endpoint, Carbon Black. Threat intelligence: MISP, ThreatConnect, Anomali. Wireshark, Zeek/Bro, cloud security monitoring across AWS/Azure/GCP. Python, PowerShell, Bash basics for log parsing or repetitive investigation tasks. Basic malware/forensics awareness using Volatility, FTK, or Autopsy