Sr Security Analyst

CCS, LLC
Scott Air Force Base, United States of America
23 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 140K

Job location

Scott Air Force Base, United States of America

Tech stack

Amazon Web Services (AWS)
Data analysis
Computer Security
Elasticsearch
Monitoring of Systems
Intrusion Detection and Prevention
Logstash
Security Information and Event Management
Data Logging
Kubernetes
Kibana
Splunk

Job description

We are seeking a Security Analyst to support a critical cybersecurity and monitoring initiative at Scott Air Force Base. This individual will play a key role in the organization's transition from Splunk to the Elastic ecosystem, helping establish and maintain monitoring capabilities, dashboards, and security visibility across enterprise environments.

The ideal candidate will have hands-on experience with security monitoring platforms, log aggregation, and dashboard development, along with a strong understanding of cybersecurity operations and incident detection. This position will work closely with security architects, infrastructure teams, and program stakeholders to ensure successful implementation and ongoing operational support of Elastic-based monitoring solutions., Support the migration of security monitoring and logging capabilities from Splunk to the Elastic platform. Configure, monitor, and maintain Elastic deployments, including Elastic Cloud on Kubernetes (ECK) environments. Develop and maintain dashboards, visualizations, and reporting capabilities to support security operations and leadership visibility. Analyze security events, logs, and system activity to identify potential threats, vulnerabilities, and anomalous behavior. Collaborate with Security Architects and engineering teams to implement monitoring strategies and security best practices. Assist with tuning alerts, correlation rules, and detection mechanisms to improve operational effectiveness. Support incident response efforts through data analysis and investigative activities. Document processes, configurations, and operational procedures related to monitoring and security analytics.

Requirements

Active Secret Security Clearance. 3+ years of experience in cybersecurity, security operations, or security monitoring environments. Experience working with SIEM or log management platforms such as Splunk, Elastic, or similar technologies. Experience creating dashboards, visualizations, and operational reporting. Understanding of cybersecurity principles, threat detection, and incident response processes. Strong analytical and troubleshooting skills. Ability to work effectively in a collaborative, onsite environment.

Preferred Qualifications Experience with Elastic Stack (Elasticsearch, Kibana, Beats, Logstash). Experience supporting Elastic Cloud on Kubernetes (ECK). Previous involvement in SIEM migration or modernization efforts. Experience supporting Department of Defense or Federal Government environments. Familiarity with security architecture concepts and enterprise monitoring frameworks.

Apply for this position