Elasticsearch Engineer

About The Position

Requirements

• Understanding of Elastic Stack capabilities and use cases across deployment, security and operations.
• Knowledge of distributed cluster architecture at scale, including multi-tenant and CCS environments.
• Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
• Strong problem-solving skills and a self-starter mentality.
• Solid written and verbal communication skills.
• Linux CLI fundamentals and basic networking knowledge.
• Familiarity with (or the drive to rapidly learn) the Elastic Stack.
• Applicants must be a U.S. citizen and eligible to obtain and maintain a security clearance, in compliance with federal contract requirements.
• 2+ years of production Elastic Stack experience.
• Hands-on experience with containerization and IaC tooling.
• Proficiency with at least one major cloud provider.
• Experience with federal security controls (TLS, SSO/SAML, PIV/CAC, STIG).
• Client-facing communication skills.
• 6+ years in systems engineering or infrastructure with deep Elastic expertise.
• Proven track record leading engagements from scoping through delivery.
• Deep knowledge of distributed cluster architecture at scale, including multi-tenant and CCS environments.
• Ability to drive client relationships and identify expansion opportunities.

Nice To Haves

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Engineering or a related field.
• Elastic certifications (ECE or being on a defined certification track).
• Elastic Security (SIEM, detection engineering, threat hunting and legacy migration).
• Detection translation experience (SPL → ES|QL or equivalent).
• Scripting proficiency (Python, Bash or PowerShell).
• Exposure to AI-augmented search, RAG or semantic search use cases.
• Prior professional services or consulting experience.

Responsibilities

• Architect, deploy and tune Elastic Stack solutions (Elastic Cloud Enterprise (ECE), Elastic Cloud on Kubernetes (ECK), Elastic Cloud) across cloud, on-prem and hybrid environments.
• Execute legacy security platform migrations, including detection translation (e.g., Search Processing Language (SPL) → (ES|QL) Elasticsearch Query Language) and analyst workflow modernization.
• Design and implement data ingestion pipelines using Elastic Agent, Fleet, Logstash and Beats.
• Harden deployments for federal compliance, including Transport Layer Security (TLS), Personal Identity Verification/Common Access Card (PIV/CAC), Single Sign-On (SSO) / Security Assertion Markup Language (SSO/SAML), Security Technical Implementation Guide (STIG) and audit logging.
• Build outcome-driven dashboards and advanced Kibana visualizations.
• Develop automation using Infrastructure-as-Code (IaC) tools (Ansible, Terraform or equivalent).
• Communicate technical decisions and trade-offs directly to client stakeholders.
• Contribute to internal IP, including reusable templates, automation and reference architectures.

Benefits

• 144 hours of PTO
• 11 holidays
• 85% of insurance premium covered
• 401k
• continued education
• certifications maintenance and reimbursement