Senior Elastic Engineer (EDR/Defend Focus)

Northern Technologies Group, Inc. - Colorado Springs, CO

About The Position

Position Summary

The Senior Elastic Engineer (EDR/Defend Focus) supports the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract. This role is responsible for designing, implementing, and maintaining Elastic Stack environments with a special emphasis on Elastic EDR and Defend capabilities to improve cybersecurity posture and integrate with existing enterprise security tools.

Requirements

  • Must be a U.S. Citizen.
  • Must possess an active Secret security clearance.
  • 10+ years general full-time work experience (may be reduced with advanced education).
  • 5+ years experience with Elastic Stack (Elasticsearch, Logstash, Kibana).
  • 3+ years implementing and managing Elastic EDR and Defend solutions.
  • 2+ years experience in a senior or lead engineering role.
  • 1+ year experience in a management or leadership role.
  • Strong understanding of security principles, threat detection, and incident response.
  • Experience with data ingestion, processing, and enrichment techniques.
  • Proficiency in at least one scripting language (Python, Bash, PowerShell).
  • Current DoD 8570.01-M IAT Level II certification (e.g., CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP).

Nice To Haves

  • Experience with Linux and Windows Server administration.
  • Experience with containerization technologies (Docker, Kubernetes).
  • Experience with automation tools (Ansible, Puppet, Chef).
  • Experience with cloud platforms (AWS, Azure, GCP).
  • Experience with SIEM technologies and event management.
  • Knowledge of security frameworks and compliance standards (NIST, FedRAMP).
  • Understanding of network protocols and security concepts.
  • Experience with threat intelligence platforms and data feeds.
  • Relevant security certifications (CISSP, CISM, CEH).
  • Experience tuning Elastic EDR/Defend for specific threat landscapes.

Responsibilities

  • Architect, deploy, and maintain a highly available and scalable Elastic Stack environment specializing in Elastic EDR/Defend.
  • Configure and optimize Elastic EDR/Defend policies and data pipelines for threat detection, prevention, and event enrichment.
  • Develop and maintain Kibana dashboards and visualizations for real-time monitoring and incident response.
  • Perform proactive threat hunting and security analysis using Elastic EDR/Defend capabilities.
  • Troubleshoot complex Elastic Stack issues and develop documentation for operational excellence.
  • Mentor and guide junior engineers in Elastic technologies and processes.
  • Ensure security, scalability, and performance of Elastic Stack infrastructure.
  • Integrate Elastic capabilities with other enterprise security tools and workflows.
  • Analyze multi-source security data and translate complex requirements into actionable tasks.
© 2024 Teal Labs, Inc