Position Title: Senior Security Integration Engineer (Elastic Stack)
Location: Schriever Space Force Base, Colorado Springs, CO or Redstone Arsenal, Huntsville, AL
Remote/Telework: NO - Not available for this position
Clearance Type: DoD Secret
Shift: Day shift
Travel Required: Up to 10% of the time
MUST BE A US CITIZEN
Description of Duties:
The Senior Security Integration Engineer (Elastic Stack) supports the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract. The candidate will:
⢠Be responsible for onboarding, integrating, and optimizing security data sources into the Elastic Security Platform.
⢠Collaborate with customer technical teams to map their environment, plan ingestion strategies, update network and data flow diagrams, validate logging pipelines, and ensure successful end-to-end SIEM integration.
Key Responsibilities:
⢠Conduct assessments of customer environments and identify required logging, telemetry, and network visibility gaps.
⢠Translate customer operational requirements into ingestion roadmaps and technical implementation plans.
⢠Develop, maintain, and version-control network diagrams, data flow diagrams, and SIEM onboarding documentation.
⢠Produce runbooks, integration guides, and operational reference materials.
⢠Monitor ingestion health and coordinate issue resolution with customers and internal teams.
⢠Ensure adherence to security policies, logging standards, and architectural governance.
⢠Provide technical guidance and mentorship to junior engineers working on data ingestion and SIEM onboarding tasks.
⢠Contribute to onboarding playbooks, best practices, and internal training sessions.
⢠Serve as a subject-matter expert on Elastic SIEM capabilities and logging integration patterns.
The successful candidate will have:
⢠Expert proficiency with Elastic Stack design, ingestion, and optimization.
⢠Advanced competency in network architecture, security telemetry, and log analytics.
⢠Strong troubleshooting skills covering ingestion failures, ECS issues, agent deployment, and pipeline errors.
⢠Skilled at engaging customers, translating requirements, and articulating complex integrations clearly.
⢠Effective at producing structured, high-quality documentation and diagrams.
⢠Demonstrated ownership of complex projects from planning through execution.
⢠Detail-oriented with a focus on accuracy, completeness, and mission assurance.
⢠Ability to balance customer requirements with architectural standards and best practices.
Resumes, in month and year format, must be submitted with application in order to be considered for the position. The selected candidate may be assigned as an employee for one of our teammate companies.
Requirements
Basic Requirements:
⢠Must have 10, or more, years of general (full-time) work experience
o May be reduced with completion of advanced education
⢠Must have 5, or more, years of experience in cybersecurity engineering, systems integration, or SIEM operations.
⢠Must have 2, or more, years of experience in a lead or senior role, mentoring and guiding other team members.
⢠Must have a strong understanding of enterprise networks, including routing, switching, VPNs, firewalls, and network security tools.
⢠Experience with data ingestion, processing, and enrichment techniques.
⢠Must be able to build and maintain network and data flow diagrams (e.g., Visio, Lucidchart, Draw.io).
⢠Must be proficient in Linux systems, command-line tools, and system administration fundamentals.
⢠Must have experience working directly with customers in a technical consulting or engineering capacity.
⢠Must have a DoD 8570.01-M IAT Level II certification with Continuing Education (CE) - (CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)
⢠Must have an active DoD Secret Security Clearance
⢠Must be able to obtain/maintain a DoD Top Secret Security Clearance
Desired Requirements:
⢠Have 1, or more, of the following: Elastic Certified Engineer, Elastic Certified Analyst, or relevant Elastic certifications.
⢠Have experience with cloud platforms and logging pipelines (AWS, Azure, GCP, cloud-native telemetry).
⢠Be familiar with ECS (Elastic Common Schema) and data normalization best practices.
⢠Have experience implementing detection engineering or threat hunting workflows in Elastic Security.
⢠Have knowledge of scripting languages (Python, PowerShell, Bash) to automate ingestion and data validation.
⢠Have experience integrating EDR, NDR, IAM, and vulnerability management logs into a SIEM.
⢠Have an understanding of MITRE ATT&CK, cyber kill chain, and threat intelligence ingestion.
⢠Have experience mentoring or leading small technical teams.
This position is expected to pay $130,000 â $150,000 annually; depending on experience, education, and any certifications that are directly related to the position.
Benefits
GCS health and welfare benefits are designed to invest in you, and in the things you care about. Your health. Your well-being. Your security. Your future. Typical benefits offered include flexible work schedules and opportunities to work remotely, educational reimbursement, retirement benefits (401K, Roth), health benefits, tax saving options, disability benefits, life and accident insurance, voluntary benefits, paid time off and paid holidays, and parental and pregnancy leave.
Apply Now
Activate JobCopilot
Your email job alert is now active!