Security Analyst

Everforth Apex
Scott Air Force Base, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Scott Air Force Base, United States of America

Tech stack

Amazon Web Services (AWS)
Azure
Cloud Computing Security
Computer Security
Intrusion Detection and Prevention
Intrusion Detection Systems
Python
Machine Learning
Network Monitoring
Network Protocols
Performance Tuning
Powershell
Phishing
Runbook
Security Information and Event Management
Scripting (Bash/Python/Go/Ruby)
Google Cloud Platform
Firewalls (Computer Science)
Kibana

Job description

  • Monitor network and endpoint activity using IDS/IPS, firewalls, host-based security tools, and Elastic SIEM.
  • Investigate alerts, correlate security events from multiple data sources, and identify indicators of compromise across network, cloud, and endpoint environments.
  • Develop and tune SIEM content, including detection rules, machine learning rules, dashboards, and visualizations.
  • Conduct threat hunting, phishing investigations, and vulnerability research.
  • Support incident response efforts, including containment, mitigation, root cause analysis, and reporting.
  • Develop automation and integrations using Python and PowerShell to support investigations and workflows.
  • Assist with the integration of new telemetry sources into the Elastic SIEM.
  • Deliver training to customer teams on SIEM operations, investigation workflows, and cybersecurity best practices.
  • Create and maintain operational documentation such as runbooks, triage guides, and detection standards.

Requirements

We are seeking a Senior Security Analyst with strong Elastic SIEM experience and solid cybersecurity fundamentals. This role involves investigating alerts, hunting for threats, and operationalizing detection capabilities across network, cloud, and endpoint telemetry. The position requires analytical rigor and the ability to operate with limited oversight in a dynamic environment.

  • 2+ years of cybersecurity experience.
  • Proficiency with Elastic SIEM for monitoring, detection, triage, and investigation.
  • Experience with Kibana.
  • Scripting experience with Python and/or PowerShell.
  • Experience creating and tuning SIEM rules and dashboards.
  • A strong understanding of network protocols, encryption concepts, and vulnerabilities.
  • Strong analytical and incident investigation skills.
  • Must possess and maintain a U.S. Passport.
  • Willingness to support occasional domestic or international travel.
  • Prior experience working in a Security Operations Center (SOC).
  • Experience with EDR, SOAR, and ticketing tools.
  • Familiarity with cloud security in environments such as AWS, Azure, or Google Cloud Platform.
  • Experience with Elastic observability data (logs, metrics, traces) for investigations.
  • Relevant certifications such as CISSP, GCIH, CEH, Elastic Certified Analyst, Security+, or GSEC.

About the company

Everforth Apex is a world-class IT services company that serves thousands of clients across the globe. When you join Everforth Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico. Everforth Apex uses a virtual recruiter as part of the application process. By applying for this job, you agree to receive calls, AI-generated calls, text messages, or emails from Everforth Apex, its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy at