Senior Elastic Engineer (EDR/Defend Focus) IRES - SSFB

About The Position

Requirements

• Must have 10, or more, years of general (full-time) work experience
• Must have 5, or more, years of experience working defensive cyber security
• Must have 2, or more, years of experience in a lead or senior role, mentoring and guiding other team members.
• Must have a strong understanding of security principles, threat detection, and incident response.
• Must have experience with data ingestion, processing, and enrichment techniques.
• Must be proficient in at least one scripting language (e.g., Python, Bash, PowerShell).
• Must have a current DoD 8570.01-M IAT Level II certification with Continuing Education (CE) - (CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)
• Must have an active DoD Secret Security Clearance
• Must be able to obtain an active DoD Top Secret Security Clearance
• Expert knowledge of the Elastic Stack (Elasticsearch, Logstash, Kibana)
• Expert knowledge of Elastic EDR and Defend capabilities
• Strong understanding of data indexing, sharding, replication, and data lifecycle management.
• Strong understanding of Linux and Windows operating systems
• Strong understanding of security principles, threat detection, and incident response.
• Knowledge of common coding flaws and security vulnerabilities.
• Knowledge of network protocols and security concepts.
• Knowledge of security frameworks and compliance standards (e.g., NIST, FedRAMP).
• Ability to interpret and incorporate data from multiple tool sources.
• Ability to analyze complex requirements and translate them into clear, actionable tasks.
• Ability to work independently and as part of a team.
• Excellent communication and interpersonal skills.

Nice To Haves

• Have experience with Linux and Windows Server administration.
• Have experience with containerization technologies (Docker, Kubernetes).
• Have experience with automation tools (Ansible, Puppet, Chef).
• Have experience with cloud platforms (AWS, Azure, GCP).
• Have experience with SIEM technologies and security event management.
• Have experience with security frameworks and compliance standards (e.g., NIST, FedRAMP).
• Have a strong understanding of network protocols and security concepts.
• Have experience with threat intelligence platforms and data feeds.
• Have 1, or more, relevant security certifications (e.g., CISSP, CISM, CEH).
• Have experience tuning and optimizing Elastic EDR and Defend for specific threat landscapes.

Responsibilities

• Architect, deploy, and maintain a highly available and scalable Elastic Stack environment, specializing in Elastic EDR/Defend.
• Configure and optimize Elastic EDR/Defend policies and data pipelines for threat detection, prevention, and security event enrichment.
• Develop and maintain Kibana dashboards and visualizations for real-time security monitoring, threat identification, and incident response tracking.
• Perform proactive threat hunting and in-depth security analysis using Elastic EDR/Defend capabilities.
• Troubleshoot complex Elastic Stack issues, develop comprehensive documentation, and mentor junior engineers to ensure operational excellence.

Benefits

• Health, dental, and vision insurance
• Paid time off and holidays
• Retirement benefits (including 401(k) matching)
• Educational reimbursement
• Parental leave
• Employee stock purchase plan
• Tax-saving options
• Disability and life insurance
• Pet insurance