Job Requirements
Scott AFB, IL
Secret Polygraph Unspecified
Career Level not specified
$120,000 - $140,000
Job Description
Security Analyst
Location: Scott Air Force Base, IL (901 South Drive, Building 700, Scott AFB, IL 62225)
Employment Type: Full-Time, Direct Hire
Work Schedule: 100% Onsite
Security Clearance: Active Secret Clearance Required
Relocation Assistance: Available
Target Start Date: Late August / Early September 2026
Salary Range: $120,000 - $140,000
Position Overview
We are seeking a Security Analyst to support a critical cybersecurity and monitoring initiative at Scott Air Force Base. This individual will play a key role in the organization's transition from Splunk to the Elastic ecosystem, helping establish and maintain monitoring capabilities, dashboards, and security visibility across enterprise environments.
The ideal candidate will have hands-on experience with security monitoring platforms, log aggregation, and dashboard development, along with a strong understanding of cybersecurity operations and incident detection. This position will work closely with security architects, infrastructure teams, and program stakeholders to ensure successful implementation and ongoing operational support of Elastic-based monitoring solutions.
Key Responsibilities
Support the migration of security monitoring and logging capabilities from Splunk to the Elastic platform.
Configure, monitor, and maintain Elastic deployments, including Elastic Cloud on Kubernetes (ECK) environments.
Develop and maintain dashboards, visualizations, and reporting capabilities to support security operations and leadership visibility.
Analyze security events, logs, and system activity to identify potential threats, vulnerabilities, and anomalous behavior.
Collaborate with Security Architects and engineering teams to implement monitoring strategies and security best practices.
Assist with tuning alerts, correlation rules, and detection mechanisms to improve operational effectiveness.
Support incident response efforts through data analysis and investigative activities.
Document processes, configurations, and operational procedures related to monitoring and security analytics.
Required Qualifications
Active Secret Security Clearance.
3+ years of experience in cybersecurity, security operations, or security monitoring environments.
Experience working with SIEM or log management platforms such as Splunk, Elastic, or similar technologies.
Experience creating dashboards, visualizations, and operational reporting.
Understanding of cybersecurity principles, threat detection, and incident response processes.
Strong analytical and troubleshooting skills.
Ability to work effectively in a collaborative, onsite environment.
Preferred Qualifications
Experience with Elastic Stack (Elasticsearch, Kibana, Beats, Logstash).
Experience supporting Elastic Cloud on Kubernetes (ECK).
Previous involvement in SIEM migration or modernization efforts.
Experience supporting Department of Defense or Federal Government environments.
Familiarity with security architecture concepts and enterprise monitoring frameworks.
Location: Scott Air Force Base, IL (901 South Drive, Building 700, Scott AFB, IL 62225)
Employment Type: Full-Time, Direct Hire
Work Schedule: 100% Onsite
Security Clearance: Active Secret Clearance Required
Relocation Assistance: Available
Target Start Date: Late August / Early September 2026
Salary Range: $120,000 - $140,000
Position Overview
We are seeking a Security Analyst to support a critical cybersecurity and monitoring initiative at Scott Air Force Base. This individual will play a key role in the organization's transition from Splunk to the Elastic ecosystem, helping establish and maintain monitoring capabilities, dashboards, and security visibility across enterprise environments.
The ideal candidate will have hands-on experience with security monitoring platforms, log aggregation, and dashboard development, along with a strong understanding of cybersecurity operations and incident detection. This position will work closely with security architects, infrastructure teams, and program stakeholders to ensure successful implementation and ongoing operational support of Elastic-based monitoring solutions.
Key Responsibilities
Support the migration of security monitoring and logging capabilities from Splunk to the Elastic platform.
Configure, monitor, and maintain Elastic deployments, including Elastic Cloud on Kubernetes (ECK) environments.
Develop and maintain dashboards, visualizations, and reporting capabilities to support security operations and leadership visibility.
Analyze security events, logs, and system activity to identify potential threats, vulnerabilities, and anomalous behavior.
Collaborate with Security Architects and engineering teams to implement monitoring strategies and security best practices.
Assist with tuning alerts, correlation rules, and detection mechanisms to improve operational effectiveness.
Support incident response efforts through data analysis and investigative activities.
Document processes, configurations, and operational procedures related to monitoring and security analytics.
Required Qualifications
Active Secret Security Clearance.
3+ years of experience in cybersecurity, security operations, or security monitoring environments.
Experience working with SIEM or log management platforms such as Splunk, Elastic, or similar technologies.
Experience creating dashboards, visualizations, and operational reporting.
Understanding of cybersecurity principles, threat detection, and incident response processes.
Strong analytical and troubleshooting skills.
Ability to work effectively in a collaborative, onsite environment.
Preferred Qualifications
Experience with Elastic Stack (Elasticsearch, Kibana, Beats, Logstash).
Experience supporting Elastic Cloud on Kubernetes (ECK).
Previous involvement in SIEM migration or modernization efforts.
Experience supporting Department of Defense or Federal Government environments.
Familiarity with security architecture concepts and enterprise monitoring frameworks.
group id: 10290999
