Job Description:
Incident Detection & Response (Endpoint security) Consultant
NYC NY
3+ Months

Mode of Interview: 2 phone interviews


Onsite / Remote – first 2 weeks onsite, then 1 week per month onsite after that
Travel and Expenses – paid for by client.

Objective:
Normalize and integrate logs from all current network devices, Windows and Linux systems into an ELK stack using syslog, Elastic, or a system-specific logging API.

Scope:
Plan, implement and document an enterprise log aggregation environment
Work with teams to identify systems and logging needs
Test, document and communicate logging templates to necessary teams
Document all development, changes and all other work product

Necessary Skills:
Hands-on knowledge of syslog on Linux and network devices (Juniper/Cisco/F5)
Understanding of Elastic configurations and ability to create a standardized template for use across the environment
Knowledge of critical Linux logs, Windows Event Logs and network logs
Ability to coordinate the implementation across multiple teams (IT Services, DevOps, Network Engineering & System Engineering); being hands-on when necessary
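The objective (normalizing syslog from Linux hosts and network devices into ELK) and the "standardized template" skill above come down to one concrete job: turning heterogeneous syslog lines into documents with a fixed, shared field layout. The following Python script is an added example written for this page; it is not part of the posting and not an Elastic product component. It parses RFC 3164 and RFC 5424 syslog lines into Elastic Common Schema (ECS) field names and renders them as an Elasticsearch bulk body. The sample lines, hostnames, IP addresses and the index name are constructed or assumed; vendor-specific formats such as Cisco's sequence-number prefix are deliberately not handled and fall into the tagged failure bucket rather than being silently dropped.

```python
"""Normalize RFC 3164 / RFC 5424 syslog lines into ECS-style documents.

Added example, not part of the job posting and not Elastic's own code.
Field names follow ECS; SAMPLE_LINES and the index name are constructed.
"""
import json
import re
from datetime import datetime, timezone

FACILITY_NAMES = {
    0: "kern", 1: "user", 2: "mail", 3: "daemon", 4: "auth", 5: "syslog",
    6: "lpr", 7: "news", 8: "uucp", 9: "cron", 10: "authpriv", 11: "ftp",
    12: "ntp", 13: "security", 14: "console", 15: "solaris-cron",
    16: "local0", 17: "local1", 18: "local2", 19: "local3",
    20: "local4", 21: "local5", 22: "local6", 23: "local7",
}
SEVERITY_NAMES = ["emergency", "alert", "critical", "error",
                  "warning", "notice", "informational", "debug"]

# RFC 5424: <PRI>1 TIMESTAMP HOST APP PROCID MSGID SD [MSG]
RFC5424 = re.compile(
    r"^<(?P<pri>\d{1,3})>1 (?P<ts>\S+) (?P<host>\S+) (?P<app>\S+) "
    r"(?P<procid>\S+) (?P<msgid>\S+) (?P<sd>-|(?:\[[^\]]*\])+)(?: (?P<msg>.*))?$"
)
# RFC 3164 (BSD): <PRI>Mmm dd HH:MM:SS HOST TAG[PID]: MSG (no year, no zone)
RFC3164 = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) "
    r"(?P<host>\S+) (?P<tag>[^:\[\s]+)(?:\[(?P<pid>\d+)\])?: ?(?P<msg>.*)$"
)
SD_PARAM = re.compile(r'(\S+?)="((?:[^"\\]|\\.)*)"')


def parse_structured_data(sd):
    """Turn '[id k="v" ...][id2 ...]' into {id: {k: v, ...}}."""
    result = {}
    for element in re.findall(r"\[([^\]]*)\]", sd):
        sd_id, _, params = element.partition(" ")
        result[sd_id] = dict(SD_PARAM.findall(params))
    return result


def normalize(line, source_ip=None, year=None, tz=timezone.utc):
    """Return one ECS-style document (dotted keys; Elasticsearch expands them).

    source_ip is the transport-layer sender taken from the receiving socket and
    is stored apart from the hostname claimed inside the message, which any
    sender can forge. Lines that do not parse are kept with event.original
    intact and tagged, so gaps show up in a dashboard instead of vanishing.
    """
    doc = {"event.original": line, "event.kind": "event"}
    if source_ip:
        doc["log.source.address"] = source_ip
    m = RFC5424.match(line) or RFC3164.match(line)
    pri = int(m.group("pri")) if m else None
    if m is None or pri > 191:  # 191 = facility 23, severity 7: the maximum
        doc["tags"] = ["_syslogparsefailure"]
        return doc
    facility, severity = pri >> 3, pri & 7
    doc.update({
        "log.syslog.priority": pri,
        "log.syslog.facility.code": facility,
        "log.syslog.facility.name": FACILITY_NAMES.get(facility, str(facility)),
        "log.syslog.severity.code": severity,
        "log.syslog.severity.name": SEVERITY_NAMES[severity],
        "host.name": m.group("host"),
        "message": m.group("msg") or "",
    })
    if "app" in m.groupdict():  # RFC 5424
        try:
            ts = datetime.fromisoformat(m.group("ts").replace("Z", "+00:00"))
        except ValueError:  # nil timestamp "-" or a vendor variant
            ts = None
        if m.group("app") != "-":
            doc["process.name"] = m.group("app")
        if m.group("procid").isdigit():
            doc["process.pid"] = int(m.group("procid"))
        if m.group("sd") != "-":  # ECS 8.x field name, assumed here
            doc["log.syslog.structured_data"] = parse_structured_data(m.group("sd"))
    else:  # RFC 3164: supply the year ourselves (wrong across New Year's Eve)
        yr = year or datetime.now(tz).year
        ts = datetime.strptime(f"{yr} {m.group('ts')}", "%Y %b %d %H:%M:%S")
        doc["process.name"] = m.group("tag")
        if m.group("pid"):
            doc["process.pid"] = int(m.group("pid"))
    if ts is None:
        doc["tags"] = ["_timestampparsefailure"]
    else:
        if ts.tzinfo is None:  # zone-less timestamps get the assumed zone
            ts = ts.replace(tzinfo=tz)
        doc["@timestamp"] = ts.isoformat()
    return doc


def normalize_batch(lines, **kw):
    return [normalize(line, **kw) for line in lines]


def to_bulk_ndjson(docs, index="logs-syslog-default"):
    """Render docs as an Elasticsearch _bulk body (index name is an assumption)."""
    out = []
    for doc in docs:
        out.append(json.dumps({"create": {"_index": index}}))
        out.append(json.dumps(doc))
    return "\n".join(out) + "\n"


SAMPLE_LINES = [  # all constructed for this example
    "<38>1 2024-05-01T12:34:56.789Z web01 sshd 1234 - - Failed password for root from 203.0.113.5 port 4242 ssh2",
    '<165>1 2024-05-01T12:35:00Z lb01 tmm - - [origin ip="192.0.2.10"] pool member down',
    "<86>Jun  3 09:15:02 fw01 sudo[2002]: pam_unix(sudo:session): session opened for user root by alice(uid=1000)",
    "plain text that is not syslog",
]

if __name__ == "__main__":
    print(to_bulk_ndjson(normalize_batch(SAMPLE_LINES, source_ip="198.51.100.7")))
```

Two choices here are the ones a template owner should insist on across teams: every document keeps `event.original` verbatim, so a bad pattern never costs evidence, and the transport source is stored separately from the hostname inside the message, since that hostname is whatever the sender chose to write.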