Senior Security Integration Engineer - HSV

About The Position

Requirements

• Must have 10, or more, years of general (full-time) work experience
• May be reduced with completion of advanced education
• Must have 5, or more, years of experience in cybersecurity engineering, systems integration, or SIEM operations.
• Must have 2, or more, years of experience in a lead or senior role, mentoring and guiding other team members.
• Must have a strong understanding of enterprise networks, including routing, switching, VPNs, firewalls, and network security tools.
• Experience with data ingestion, processing, and enrichment techniques.
• Must be able to build and maintain network and data flow diagrams (e.g., Visio, Lucidchart, Draw.io).
• Must be proficient in Linux systems, command-line tools, and system administration fundamentals.
• Must have experience working directly with customers in a technical consulting or engineering capacity.
• Must have a DoD 8570.01-M IAT Level II certification with Continuing Education (CE) - (CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)
• Must have an active DoD Secret Security Clearance
• Must be able to obtain/maintain a DoD Top Secret Security Clearance
• Expert proficiency with Elastic Stack design, ingestion, and optimization.
• Advanced competency in network architecture, security telemetry, and log analytics.
• Strong troubleshooting skills covering ingestion failures, ECS issues, agent deployment, and pipeline errors.
• Skilled at engaging customers, translating requirements, and articulating complex integrations clearly.
• Effective at producing structured, high-quality documentation and diagrams.
• Demonstrated ownership of complex projects from planning through execution.
• Detail-oriented with a focus on accuracy, completeness, and mission assurance.
• Ability to balance customer requirements with architectural standards and best practices.

Nice To Haves

• Have 1, or more, of the following: Elastic Certified Engineer, Elastic Certified Analyst, or relevant Elastic certifications.
• Have experience with cloud platforms and logging pipelines (AWS, Azure, GCP, cloud-native telemetry).
• Be familiar with ECS (Elastic Common Schema) and data normalization best practices.
• Have experience implementing detection engineering or threat hunting workflows in Elastic Security.
• Have knowledge of scripting languages (Python, PowerShell, Bash) to automate ingestion and data validation.
• Have experience integrating EDR, NDR, IAM, and vulnerability management logs into a SIEM.
• Have an understanding of MITRE ATT&CK, cyber kill chain, and threat intelligence ingestion.
• Have experience mentoring or leading small technical teams.

Responsibilities

• Conduct assessments of customer environments and identify required logging, telemetry, and network visibility gaps.
• Translate customer operational requirements into ingestion roadmaps and technical implementation plans.
• Develop, maintain, and version-control network diagrams, data flow diagrams, and SIEM onboarding documentation.
• Produce runbooks, integration guides, and operational reference materials.
• Monitor ingestion health and coordinate issue resolution with customers and internal teams.
• Ensure adherence to security policies, logging standards, and architectural governance.
• Provide technical guidance and mentorship to junior engineers working on data ingestion and SIEM onboarding tasks.
• Contribute to onboarding playbooks, best practices, and internal training sessions.
• Serve as a subject-matter expert on Elastic SIEM capabilities and logging integration patterns.

Benefits

• Medical, Dental, and Vision coverage
• 401(k) with company match
• Paid Time Off (PTO)
• Mission-driven work with opportunities to grow