Job Title: ELK Security Developer (2 vacancies)
Reports To: Cyber Security
Job Purpose: The person will be responsible for creation and refinement of Custom Security Rules (Basic and Correlation Use Cases) and Dashboards for Security monitoring on the ELK (ElasticSearch, LogStash, Kibana) logging platform.
Job Overview
• Should have at least two years’ experience in architecting, designing, developing solutions using the ELK (Elasticsearch, Logstash and Kibana) stack
• Should have Information Security knowledge and experience.
• Should have a good understanding of Security technologies and its functions.
• Strong experience in query languages and writing complex queries with joins and aggregate that deals with large amount of data.
• Experience with LUA or similar scripting systems.
• Experience with implementing and use of Elastic Stack (XPack) for security, monitoring & auditing.
• Good knowledge on ELK security, SIEM module and Lucene syntax

Responsibilities and Duties
• Write complex grok, json and mutate filters and correlation rules spanning multiple different security systems logging into ELK
• Write custom rule sets for Security Detection and Monitoring on ELK stack
• Create dashboards on Kibana to Visualize data and events which help identify trends, anomalies and monitor the general health or security status of the environment
• Co-ordinate with external teams for gathering requirements

Qualifications
Bachelor’s degree in Engineering