Senior Elastic Engineer (EDR/Defend Focus)

About The Position

Requirements

• Must have 10, or more, years of general (full-time) work experience
• May be reduced with completion of advanced education
• Must have 5, or more, years of experience working with the Elastic Stack (Elasticsearch, Logstash, Kibana)
• Must have 3, or more, years of experience implementing and managing Elastic EDR and Defend solutions
• Must have 2, or more, years of experience in a lead or senior role mentoring and guiding team members
• Must have 1, or more, years of experience working in a management or leadership role
• Must have a strong understanding of security principles, threat detection, and incident response
• Must have experience with data ingestion, processing, and enrichment techniques
• Must be proficient in at least one scripting language (Python, Bash, PowerShell)
• Must have a current DoD 8570.01-M IAT Level II certification with Continuing Education (CE) (CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)
• Must have an active DoD Secret Security Clearance
• Must be able to obtain an active DoD Top Secret Security Clearance
• Expert knowledge of the Elastic Stack (Elasticsearch, Logstash, Kibana)
• Expert knowledge of Elastic EDR and Defend capabilities
• Strong understanding of data indexing, sharding, replication, and lifecycle management
• Strong understanding of Linux and Windows operating systems
• Strong understanding of security principles, threat detection, and incident response
• Knowledge of common coding flaws and security vulnerabilities
• Knowledge of network protocols and security concepts
• Knowledge of security frameworks and compliance standards (NIST, FedRAMP)
• Ability to interpret and incorporate data from multiple tool sources
• Ability to analyze complex requirements and translate them into clear, actionable tasks
• Ability to work independently and as part of a team
• Excellent communication and interpersonal skills

Nice To Haves

• Have experience with Linux and Windows Server administration
• Have experience with containerization technologies (Docker, Kubernetes)
• Have experience with automation tools (Ansible, Puppet, Chef)
• Have experience with cloud platforms (AWS, Azure, GCP)
• Have experience with SIEM technologies and security event management
• Have experience with security frameworks and compliance standards (NIST, FedRAMP)
• Have a strong understanding of network protocols and security concepts
• Have experience with threat intelligence platforms and data feeds
• Have one or more relevant security certifications (CISSP, CISM, CEH)
• Have experience tuning and optimizing Elastic EDR and Defend

Responsibilities

• Be a key contributor to the design, implementation, and maintenance of the Elastic Stack environment, with a primary focus on Elastic EDR and Defend
• Ensure the security, scalability, and performance of the Elastic Stack infrastructure, integrating it with existing security tools and workflows
• Architect, deploy, and maintain a highly available and scalable Elastic Stack environment specializing in Elastic EDR/Defend
• Configure and optimize Elastic EDR/Defend policies and data pipelines for threat detection, prevention, and security event enrichment
• Develop and maintain Kibana dashboards and visualizations for real-time monitoring, threat identification, and incident response tracking
• Perform proactive threat hunting and in-depth security analysis using Elastic EDR/Defend
• Troubleshoot complex Elastic Stack issues, develop documentation, and mentor junior engineers to ensure operational excellence

Benefits

• Medical, Dental, and Vision coverage
• 401(k) with company match
• Paid Time Off (PTO)
• Opportunities to make a meaningful impact while advancing your career
• And more