ECS is a leading provider of managed cybersecurity services, and they are seeking a Senior Elastic Engineer to support their Army PEO C3N program. This technical hands-on role involves designing, building, securing, and maintaining multiple Elastic Stack Enterprise solutions in a Federal DoD environment.
Responsibilities:
- Design, build, secure, maintain, optimize, and document multiple Elastic Stack Enterprise solutions (Elasticsearch, Logstash, Kibana, Beats, ML, SIEM) deployed globally in a Federal DoD environment
- Perform continuous data normalization support functions
- Support the delivery of written technical deliverables such as SOPs and/or process workflows to optimize tool usage and contribute to new capabilities
- Support internal engineering personnel and external customer requirements
Requirements:
- Minimum Top-Secret clearance is required with SCI eligibility
- Compliance with DoD 8140 / 8570 IAT Level II certification prior to start date
- Certified Elastic Engineer or willingness to gain certification within 90 days of hire
- At least 4 years' hands-on experience in deployment, configuration, and solution development using the Elastic Stack for security and logging use cases. Specific experience with Elastic SIEM is a plus
- Demonstrated experience with the full Elastic Stack - Elasticsearch, Logstash, Kibana, Beats, Machine Learning, and REST API integration
- Demonstrated ability to utilize Ansible Playbooks
- Experience integrating Elasticsearch with external systems (e.g. SOAR tools, Threat Intel Platforms)
- Experience with data management: hot/warm/cold architectures, shard allocation/re-allocation, snapshots & restoration
- Strong experience with evaluating existing Elastic clusters, configuration parameters, indexing, search and query performance tuning, security, and cluster administration
- Experience integrating Elasticsearch with alternate authentication mechanisms such as SAML, LDAP, and PKI
- Experience with supporting the Elastic Stack in on-prem and SaaS environments including system monitoring and tuning
- Experience securing the Elastic stack and hardening hosting environments
- Experience with developing in multiple languages (Python, Bash, PowerShell, Painless, etc.)
- Experience with the design and implementation of highly scalable solutions using the Elastic Stack
- Experience in developing data structures, data mapping from various sources to achieve data normalization using Elastic Common Schema
- Experience developing Logstash and/or Ingest Pipelines
- Experience developing custom visualizations and dashboards using Kibana
- Developing custom reporting solutions using APIs that leverage Elasticsearch and ElastiCache
- Experience in end-to-end low-level design, development, administration, and delivery of Elasticsearch-based reporting solutions
- Strong technical foundation in building reliable, scalable, and supportable systems
- Experienced in Red Hat Enterprise Linux deployment and administration