Elasticsearch Engineer

This position will support the Defense Information Systems Agency (DISA) GSM-O II program and DISA Global Defensive Cyber Operations (DCO) organization based out of Scott AFB IL with as a Elasticsearch Engineer.

Job Summary

The Elasticsearch Engineer role will provide support for a large enterprise Elasticsearch deployment. This role requires providing design configuration maintenance and troubleshooting support in the Elastic environments in both cloud and on prem. And also ensure data feeds and application operation are maintained and provide support to cyber security analysts in development of analytics and other operational aspects of the Elastic product. This role will also collaborate with architecture engineering development and operations teams; ensuring production scalability and stability while maintaining data integrity.

Job Responsibilities

• Building and Managing Elasticsearch Clusters: This includes tasks like installing configuring and securing Elasticsearch clusters as well as troubleshooting issues.
• Data Modeling and Indexing: Defining indexes dynamic templates and lifecycle management policies to optimize data storage and retrieval.
• Developing Search Solutions: Writing and executing search queries including complex Boolean queries aggregations and using runtime fields.
• Working with the Elastic Stack: Integrating Elasticsearch with other components like Kibana Beats and Logstash to build comprehensive solutions.
• Performance Optimization: Ensuring that Elasticsearch deployments are performant and scalable to meet specific needs.
• Data Analysis and Visualization: Utilizing Kibana to analyze and visualize data stored in Elasticsearch.
• Troubleshooting and Issue Resolution: Identifying and resolving issues within the Elasticsearch environment.

Basic Qualifications

• BS degree and 4 to 8 years of relevant experience in IT and Cybersecurity
• Must have DoD-8570 IAT Level 2 baseline certification (Security CE or higher) at start date and be able to obtain CSSP-A certification within 180 days of start date.
• 2 years of experience with Elasticsearch Administration.
• Direct experience maintaining and integrating Elasticsearch within an operational enterprise information system.
• Experience with maintaining and using Elasticsearch in Commercial Cloud Platforms (e.g. AWS Google Cloud Azure).
• At least 2 of the 3 Elastic certifications listed below: Elastic Certified Engineer; Elastic Certified Observability Engineer; or Elastic Certified Analyst
• TS with ability to attain SCI is required for consideration.

Preferred Qualifications

• Experience working on the customers systems.
• Understanding of the customers system development policies.
• Additional certifications related to Elasticsearch.
• Experience with DISA and DoD Networks.
• Working knowledge of cyber operational security log analysis netflow analysis incident response malware analysis computer forensics and/or cyber-crime.
• Advanced Certifications such as SANS GIAC/GCIA/GCIH CISSP CySA or CASP.
• Demonstrated experience briefing leadership.

Original Posting:

For U.S. Positions: While subject to change based on business needs Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline onlyand not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job education experience knowledge skills and abilities as well as internal equity alignment with market data applicable bargaining agreement (if any) or other law.