ECS

Sr. Security Analyst

ECS$90K — $120K *
US-AnywhereRemote in Virginia, US
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 2+ years of cybersecurity experience
  • Proficiency in Elastic SIEM, including monitoring and investigation
  • Strong understanding of network protocols and cybersecurity fundamentals
  • Analytical skillset for detecting patterns across data
  • Experience in scripting and automation with Python or PowerShell
  • Proficient in creating and tuning SIEM rules and dashboards
  • Strong written and verbal communication skills

Responsibilities

  • Perform network monitoring and intrusion detection analysis using defense tools
  • Utilize Elastic SIEM for event correlation and identifying indicators of compromise
  • Implement and enhance detection strategies for log-based and endpoint threats
  • Develop and tune SIEM content, including detection rules and dashboards
  • Correlate data across multiple environments to detect attacks
  • Triage alerts from SIEM, document incidents, and provide reporting
  • Investigate new threats to improve detection methods and incident handling
  • Analyze phishing submissions and recommend response actions
  • Support incident response activities and conduct root cause analysis
  • Automate investigation workflows with scripting and integrate telemetry sources
  • Train customer teams on SIEM usage and security best practices
  • Contribute to SOC documentation and continuous improvement processes

Benefits

  • Remote work opportunity
  • Opportunity to work on cutting-edge cybersecurity tools
  • Engagement in diverse threat detection and incident response tasks
  • Contribution to customer training and operational success
  • Potential for travel, providing varied experiences in different environments
Full Job Description
Everforth ECS is seeking a Sr. Security Analyst to work in our Remote office. This position is contingent upon additional funding.

We are seeking a Security Analyst with strong Elastic SIEM experience and solid cybersecurity fundamentals who can investigate alerts, hunt threats, and help operationalize detection capabilities across network, cloud, and endpoint telemetry. This role requires analytical rigor, comfort working directly with customers, and the ability to operate with limited oversight in fast-paced environments.

Key Responsibilities

  • Network Monitoring & Intrusion Detection: Perform analysis using defense tools including IDS/IPS, firewalls, and host-based security systems.
  • SIEM Operations (Elastic SIEM): Use Elastic SIEM to correlate events, identify indicators of compromise, and produce actionable intelligence for response.
  • Threat Detection Engineering (Analyst-led): Implement and improve log-based and endpoint-based detection strategies; validate detections and recommend tuning based on outcomes.
  • Content Development: Develop and tune SIEM content such as detection rules, machine learning rules, dashboards, and visualizations aligned to customer requirements.
  • Activity Correlation: Correlate data across network, cloud, and endpoints to identify attacks and unauthorized actions.
  • Alert Management & Reporting: Triage alerts from SIEM and other sensors; document incidents with clear technical reporting and recommendations.
  • Threat Research: Investigate emerging threats and vulnerabilities to enhance detection and incident identification processes.
  • Phishing Analysis: Analyze phishing submissions and recommend appropriate response actions.
  • Incident Response Support: Support containment and mitigation activities; contribute to root cause analysis and corrective actions.
  • Automation & Integrations: Create or maintain scripts (Python/PowerShell) for investigation support, enrichment, and workflow automation; help integrate telemetry sources into Elastic as needed.
  • Customer Training & Enablement: Provide training to customer teams on SIEM usage, detection capabilities, investigation workflows, and security best practices to drive long-term operational success.
  • Operational Excellence: Contribute to documentation (runbooks, detection standards, triage playbooks) and continuous improvement of SOC workflows.


Salary Range: $90,000 - $120,000

General Description of Benefits

  • 2+ years of cybersecurity experience
  • Elastic SIEM proficiency: Monitoring, detection, triage, and investigation using Elastic SIEM; experience with Kibana and familiarity with Logstash / ingest pipelines preferred
  • Strong cybersecurity fundamentals including network protocols, encryption concepts, and vulnerabilities
  • Strong analytical skills for identifying patterns and anomalies across multiple data sources
  • Scripting/automation experience using Python or PowerShell
  • Experience creating and tuning SIEM rules, signatures, and dashboards
  • Strong written and verbal communication skills
  • Ability to problem-solve and operate under pressure in fast-paced environments
  • Willingness to support domestic or international travel (short, planned engagements)
  • Must possess and maintain a U.S. Passport
  • Must have a Secret clearance, at minimum

About ECS

ECS is a leading provider of digital solutions and services to the federal government. The company was founded in 2001 by Roy Kapani and has since grown to become a trusted partner to a wide range of government agencies. ECS offers a broad range of services, including cloud computing, cybersecurity, and artificial intelligence. The company has been recognized for its innovative solutions and has won numerous awards, including the AWS Public Sector Partner of the Year award.
Learn more about ECS
Size
2,000 employees
Industry

Similar Jobs

More Jobs at ECS

More Information Technology Jobs

Find similar Sr. Security Analyst jobs: