Sr. SIEM Engineer with Security Clearance

Role : Sr. SIEM Engineer (Elastic Confluence) Location : 5 days onsite in Ft. Belvoir, VA Duration : Long Term Contract Citizenship : US Citizen (able to obtain Secret Clearance) They either need to be Elastic Certified or be willing to obtain an Elastic Certification within the first 90 days. Looking for a SME with security and transport experience as well as working with the system feeding Elastic. Top Requirements Elastic Confluence Security or any IAT Level II Cert SIEM experience Responsibilities : Design, deploy, configure, and maintain Elastic stack and Confluent deployments Manage, patch, and upgrade Elasticsearch, Confluent, and other related systems Tune and optimize Elastic stack deployments based on application / customer needs Design and configure ETL data pipelines to ingest customer defined data sets such as application logs, metrics, and or threat events Create custom visualizations and dashboards using Kibana Configure and maintain index templates and information lifecycle management (ILM) policies Develop Elastic alerting solutions using Watcher and / or Kibana Rules and Connectors with integrations to ticketing systems, email, and messaging apps as required Develop Machine Learning (ML) jobs to dynamically monitor and alert on identified metrics, KPIs, and / or data anomalies Follow ITIL based change management processes to move solutions from Dev to Test and into Production Run the day-to-day operations of the security operations center Investigate incidents and lead response efforts as applicable Required Skills : A Secret clearance will be required to maintain this position Compliance with DoD 8140 / 8570 IAT Level II certification prior to start date At least 5 years of hands-on experience in deployment, configuration, and solution development using the Elastic Stack for security and logging use-cases. Specific experience with Elastic SIEM is plus Demonstrated experience with the full Elastic Stack - Elasticsearch, Logstash, Kibana, Beats, Machine Learning, and REST API integration Experience integrating Elasticsearch with external systems (e.g. SOAR tools, Threat Intel Platforms) Experience with data management : hot / warm / cold architectures, shard allocation / re-allocation, snapshots & restoration Strong experience with evaluating existing Elastic clusters, configuration parameters, indexing, search and query performance tuning, security, and cluster administration Experience integrating Elasticsearch with alternate authentication mechanisms such as SAML, LDAP, and PKI Experience with supporting the Elastic Stack in on-prem and SaaS environments including system monitoring and tuning Experience securing the Elastic stack and hardening hosting environments Experience with the design and implement of highly scalable solutions using the Elastic Stack Experience in developing data structures, data mapping from various sources to achieve data normalization using Elastic Common Schema Experience developing Logstash and / or Elastic Ingest Pipelines Experience developing custom visualizations and dashboards using Kibana, including creating specialized reporting solutions through Elasticsearch and Kibana APIs to meet complex stakeholder requirements Experience in end-to-end Low-level design, development, administration, and delivery of Elasticsearch based reporting solutions Strong technical foundation in building reliable, scalable, and supportable systems Experienced in Red Hat Enterprise Linux deployment and administration Desired Skills : Experience using and developing Ansible playbooks for automation of system deployment and / or configuration Experience with developing in multiple languages (Python, Bash, PowerShell, Painless, etc.). Understanding of the MITRE ATT&CK framework Certified Elastic Engineer or willingness to gain certification within 90 days of hire Experience with cloud environments (e.g., Azure, AWS, GCP, etc.) and cloud security architecture Experience condensing large environments to a single pane of glass view to facilitate optimal operational efficiency Experience leading incident response and forensic investigative initiatives Demonstrated ability to create and present executive level briefings Experience with Army policies, regulations, and processes preferred Thanks and Regards Murali Sharma 202.828.3494bfb3568a-762b-4989-884b-a9682aa104ca