Sr. EDR Specialist
2 days ago
Job Description
ECS is seeking a Sr Elastic EDR Specialist to work in our Colorado Springs, CO office.
Please Note: This position is contingent upon contract award.
As a leading managed cybersecurity services provider, ECS delivers a highly tailored and customized offering to each customer. The Professional Services Team is responsible for working with our customers to understand their needs and delivering a complete solution. We will leverage your unique skills to help solve customers' challenges, such as engineering a system to address a technical hurdle, protecting customer data, or consulting on a wide range of security topics. You are empowered to engage and lead across multiple groups and must have the self-sufficiency and focus to work well without constant oversight.
This role requires a blend of technical proficiency with Elastic SIEM, cybersecurity principles, and strong analytical capabilities to effectively protect against and respond to cyber threats. The candidate should also possess excellent interpersonal skills to communicate complex security issues to a broad audience effectively.
Responsibilities
- Network Monitoring and Intrusion Detection: Perform analysis using various defense tools, including IDS/IPS, firewalls, and host-based security systems.
- SIEM Management: Utilize Elastic SIEM to correlate events and identify indicators of threats, creating actionable intelligence.
- Threat Research: Investigate emerging threats and vulnerabilities to enhance incident identification processes.
- Threat Detection: Implement both log-based and endpoint-based detection strategies to identify and mitigate threats from multiple sources.
- Content Development: Develop and customize SIEM content such as machine learning rules, signatures, and dashboards according to customer requirements.
- Activity Correlation: Correlate data across network, cloud, and endpoints to identify attacks and unauthorized actions.
- Alert Management: Review and respond to alerts from SIEM and other sensors; document incidents in formal, technical reports.
- Phishing Analysis: Analyze phishing email submissions to determine threat levels and appropriate responses.
- Incident Response Support: Provide effective incident response and mitigation strategies to contain and rectify breaches.
- Threat Intelligence Integration: Collaborate with threat intelligence and threat-hunting teams to maintain up-to-date knowledge of threat landscapes.
- Tool Evaluation: Assist in assessing new security tools and analytical techniques for integration into managed security services.
- Breach Investigation: Support both large-scale and smaller-scale cyber breach investigations.
- Stakeholder Communication: Effectively communicate cyber events and findings to both internal and external stakeholders.
Salary Range: $120,000 - $160,000
General Description Of Benefits
Required Skills
- 4+ years of cyber experience
- Deep Knowledge of Elastic SIEM: Proficient in using Elastic SIEM for monitoring, threat detection, and response. Experience with using Kibana, Logstash, Ingest Pipelines, Enterprise Search or Observability preferred.
- Elastic Defend/EDR Expertise: Strong hands-on experience deploying, tuning, and managing Elastic Defend for endpoint detection and response, including creating detection rules, managing agents, and analyzing endpoint telemetry for threat hunting and incident response.
- Cybersecurity Expertise: Strong understanding of network protocols, encryption, and vulnerabilities.
- Analytical Skills: Ability to analyze complex data from various sources to deduce patterns and detect anomalies.
- Programming/Scripting: Familiarity with scripting languages like Python or PowerShell to automate tasks and manipulate data.
- Content Creation: Experience in creating and tuning SIEM rules, signatures, and dashboards.
- Communication Skills: Excellent written and verbal communication skills for reporting and stakeholder engagement.
- Problem-Solving: Strong problem-solving skills with the ability to work under pressure in a fast-paced environment.
- Able and willing to support domestic or international on-site travel with customers or at ECS offices. Any travel will be short in duration and well-planned.
- Possess and maintain a U.S. Passport
- Must have a Secret clearance, at minimum
Desired Skills
- Certifications: Preferred certifications include CISSP, CEH, GCIH, or Elastic Certified Analyst.
- Experience: Previous experience in a cybersecurity operations center (SOC) environment is highly desirable.
- Prior experience working as an analyst in a Security Operations Center (SOC).
- Prior experience working EDR, SIEM, SOAR, and ticketing technologies.
- Knowledge of threat actor tactics, techniques, and procedures (TTPs).
- Ability to support ad hoc scripting in any language.
- Possess an industry-recognized entry-level certification (e.g., A+, Net+, Sec+, GSEC, etc.)
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3300+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.