EverWatch is a government solutions company providing advanced defense,intelligence, and deployed support to our country’s most criticalmissions. We are a full-service government solutions company. Harnessingthe most advanced technology and solutions, we strengthen defenses andcontrol environments to preserve continuity and ensure mission success.EverWatch employees are focused on tackling the most difficultchallenges of the US Government. We offer the best salaries and benefitspackages in our industry – to identify and retain the top talent insupport of our critical mission objectives.Work with clients and peers to build a high performing system usingElastic to aggregate logs from many systems into a single common schema.Use Elastic Common Schema (ECS) formatted fields, create qualityvisualizations and alerts that analyst can use for threat hunting, maintaininfrastructure, and identify problems or anomalous behavior before theybecome a larger issue and can be actioned on. Work with the vendor todetermine best practices for deployment and maintenance of systemarchitecture and deploy within designated security requirements.Qualifications per level:8+ yrs of experience with Elastic Stack,Logstash, Elasticsearch, Kibana, and Beats, including installing,configuring, maintaining, upgrading, and troubleshooting theseproducts.Experience building high-quality Kibana visualizations anddashboards.Experience with log pipelines and interpreting logs to determineinformation, including converting raw logs into ECS formatteddocuments.Experience with Logstash plugins, filters, regular expressions, andgrok patterns.Knowledge of cryptography protocols and standards, including TLS, mTLS,hashing algorithms, and Public Key Infrastructure (PKI)Knowledge of federal compliance standards, including NIST 800-53, FIPS,STIG, and FedRAMPSecret clearance is requiredHS diploma or GEDAdditional Qualifications:Experience working with Docker, Kubernetes, and cloud containerizationsolutions, such as Elastic Cloud on Kubernetes (ECK)Experience with Office 365 applications and Teams collaborationExperience interacting with tools through RDP, web-based UI, SSH, andCLIExperience with McAfee and TenableExperience with NiFi, Kafka, and ConfluentKnowledge of Elastic Index Lifecycle Management (ILM)Knowledge of Linux or UNIX environments, including navigating andtroubleshooting basic OS issuesKnowledge of networking protocolsAbility to understand how various systems interact with eachother.EverWatch is an Equal Opportunity/Affirmative Action Employer. Allqualified applicants will receive consideration for employment withoutregard to race, color, religion, sex (including pregnancy), genderidentity, sexual orientation, national origin, age (40 or older),disability, genetic information, citizenship or immigration status, andveteran status or any other factor prohibited by applicable law. Show more Show lessTagged as: remote, remote job, virtual, Virtual Job,virtual position, Work at Home, work from home