Elastic SME

Leading with our people Digital Consultants mission is to deliver the highest level of professional solutions while being a trusted partner and advisor to our customers. With a culture of practicality opportunity and creativity we remain dedicated to being honest trustworthy respectful and ethical in everything we do. We are a certified SBA 8(a) small disadvantaged business that supports multiple IT customers within the Federal civilian and private sectors. Digital Consultants also offers our employees growth opportunities competitive wages and a full benefits package. Our founding principles Fairness and Common Sense make working here more than a job its the Digital family.

Digital Consultants is seeking an experienced Elastic Subject Matter Expert (SME) to lead and coordinate the planning design and implementation of the Elastic SIEM for a DoD customers projects. This role involves supporting a largescale migration from Splunk and requires technical expertise in the Elastic Stack a deep understanding of SIEM architecture and handson experience with data ingestion configuration tuning and monitoring in secure environments.

LOCATION: Fort Belvoir VA

Duties to include:

• Define project goals and objectives and review existing Splunk environments identifying elements for migration. Analyze and document source types sources knowledge objects dashboards and searches for transition.
• Lead the design phase determining migration criteria and architectural best practices. Outline data source requirements working closely with security network and application teams to ensure integration.
• Deploy and configure Elastic Stack components including Elasticsearch Kibana and machine learning nodes. Benchmark and tune the system for optimal performance ensuring scalability and security.
• Set up data collection pipelines configure data ingestion and implement relevant beats and Elastic agents. Define and refine rules alerts and custom dashboards tailored to the organizations security requirements.
• Oversee testing phases to validate Elastic SIEM functionality ensuring it meets security visibility threat detection and compliance goals.
• Manage Elastic SIEM deployment into production establish monitoring protocols and perform regular updates. Continuously optimize system performance and address emerging security challenges.
• Provide handson training documentation and resources to staff on Elastic SIEM operations alert management and incident response.

• Clearance: Top Secret/SCI
• Education: Bachelors degree in computer science Information Technology Cybersecurity or a related field.

Certifications:

• Advanced certifications in Elastic Stack or SIEM are preferred
• IAT III Baseline Certification (CISSP or equivalent) with appropriate work role certifications

Experience:

• 15 years overall experience in information technology and cybersecurity
• 1015 years in SIEM deployment with specific expertise in Elastic Stack; prior experience with SplunktoElastic migration is highly desirable.
• Expert knowledge in Elastic Stack (Elasticsearch Kibana Logstash Beats).
• Strong knowledge of security information and event management (SIEM) systems data pipelines and threat detection methodologies.
• Handson experience configuring tuning and monitoring Elasticsearch clusters along with custom alerting and dashboard creation.

Required Technical Skills:

• Proficiency in Elasticsearch including data modeling querying and performance tuning.
• Experience with Logstash for data ingestion and transformation.
• Knowledge of Kibana for data visualization and dashboard creation.
• Familiarity with other related technologies such as Kafka Hadoop and Spark.
• Experience in designing and implementing scalable distributed systems using the ELK stack.
• Skills in performance tuning and optimization of Elasticsearch clusters.
• Experience with cloud platforms like AWS Azure or Google Cloud for deploying and managing the ELK stack.
• Proficiency in programming languages such as Python Java or Scala.
• Experience with DevOps practices and tools like Jenkins Docker and Kubernetes for continuous integration and deployment.
• Knowledge of securing Elasticsearch clusters and implementing best practices for data security.
• Strong analytical and problemsolving skills to troubleshoot and resolve issues.
• Excellent communication skills to collaborate with crossfunctional teams and stakeholders.
• Ability to work effectively in a team environment and mentor junior team members.
• Physical: The candidate with or without reasonable accommodation must physically be able to sit or stand for extended periods of time; lift objects up to 20 pounds; require frequent physical hand dexterity and repetitive movements.

Digital Consultants an inclusive and welcoming company is fully committed to hiring and retaining a diverse workforce without regard to race color religion sex (including pregnancy gender identity and sexual orientation) genetic information national origin age 40 or older) disability Veterans status or any other protected characteristic.

We provide reasonable accommodations to individuals who need assistance during any part of the employment process. If you need assistance navigating Digital Consultants job openings or applying for a position please send an email to or call. Please provide your contact information and let us know how we can assist you.

#IND1