Location: Colorado Springs, CO - Schriever Space Force Base or Huntsville, AL - Redstone Arsenal
Clearance Required: Active Secret Clearance (or higher)
Travel Required: Up to 10%
This role is critical in designing, deploying, and optimizing the Elastic Stack environment with a specialized focus on Elastic EDR and Defend capabilities. You will help strengthen cybersecurity posture across the enterprise by enabling advanced detection, prevention, and analysis through a highly tuned Elastic environment.
What You'll Do
As a Senior Elastic Engineer (EDR/Defend Focus), you will:
- Be a key contributor to the design, implementation, and maintenance of the Elastic Stack environment, with a primary focus on Elastic EDR and Defend
- Ensure the security, scalability, and performance of the Elastic Stack infrastructure, integrating it with existing security tools and workflows
Key Responsibilities
- Architect, deploy, and maintain a highly available and scalable Elastic Stack environment specializing in Elastic EDR/Defend
- Configure and optimize Elastic EDR/Defend policies and data pipelines for threat detection, prevention, and security event enrichment
- Develop and maintain Kibana dashboards and visualizations for real-time monitoring, threat identification, and incident response tracking
- Perform proactive threat hunting and in-depth security analysis using Elastic EDR/Defend
- Troubleshoot complex Elastic Stack issues, develop documentation, and mentor junior engineers to ensure operational excellence
What You Bring
The successful candidate will have:
- Expert knowledge of the Elastic Stack (Elasticsearch, Logstash, Kibana)
- Expert knowledge of Elastic EDR and Defend capabilities
- Strong understanding of data indexing, sharding, replication, and lifecycle management
- Strong understanding of Linux and Windows operating systems
- Strong understanding of security principles, threat detection, and incident response
- Knowledge of common coding flaws and security vulnerabilities
- Knowledge of network protocols and security concepts
- Knowledge of security frameworks and compliance standards (NIST, FedRAMP)
- Ability to interpret and incorporate data from multiple tool sources
- Ability to analyze complex requirements and translate them into clear, actionable tasks
- Ability to work independently and as part of a team
- Excellent communication and interpersonal skills
Qualifications
Basic Requirements:
- Must have 10 or more years of general (full-time) work experience (may be reduced with completion of advanced education)
- Must have 5 or more years of experience working with the Elastic Stack (Elasticsearch, Logstash, Kibana)
- Must have 3 or more years of experience implementing and managing Elastic EDR and Defend solutions
- Must have 2 or more years of experience in a lead or senior role mentoring and guiding team members
- Must have 1 or more years of experience working in a management or leadership role
- Must have a strong understanding of security principles, threat detection, and incident response
- Must have experience with data ingestion, processing, and enrichment techniques
- Must be proficient in at least one scripting language (Python, Bash, PowerShell)
- Must have a current DoD 8570.01-M IAT Level II certification with Continuing Education (CE) (CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)
- Must have an active DoD Secret Security Clearance
- Must be able to obtain an active DoD Top Secret Security Clearance
Desired Requirements:
- Have experience with Linux and Windows Server administration
- Have experience with containerization technologies (Docker, Kubernetes)
- Have experience with automation tools (Ansible, Puppet, Chef)
- Have experience with cloud platforms (AWS, Azure, GCP)
- Have experience with SIEM technologies and security event management
- Have experience with security frameworks and compliance standards (NIST, FedRAMP)
- Have a strong understanding of network protocols and security concepts
- Have experience with threat intelligence platforms and data feeds
- Have one or more relevant security certifications (CISSP, CISM, CEH)
- Have experience tuning and optimizing Elastic EDR and Defend
We offer competitive benefits, including:
- Medical, Dental, and Vision coverage
- 401(k) with company match
- Paid Time Off (PTO)
- Opportunities to make a meaningful impact while advancing your career
- And more
If you are ready to deploy your Elastic expertise in support of national defense missions, we want to speak with you.