Apply on Employer Site

ShorePoint Inc · 5 days ago

Elasticsearch Engineer (Secret Clearance)

Colorado Springs, CO

Full-time

Onsite

Entry, Mid Level

2+ years exp

ShorePoint Inc is a fast-growing cybersecurity services firm focused on protecting data for high-profile public and private sector customers. They are seeking an Elasticsearch Engineer to lead and support SIEM migration activities, implement Elasticsearch clusters, and collaborate with various teams to design and maintain Elasticsearch solutions.

Cyber SecurityNetwork SecuritySecurity

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Hiring Manager

Pam P.

Responsibilities

Lead and support SIEM migration activities, including transitioning customers from ArcSight to the Elastic Stack

Implement, configure, and document four Elasticsearch clusters in support of enterprise SIEM and analytics requirements

Develop detailed installation, configuration, and operational documentation to support deployment and sustainment

Design and implement data pipelines to support log ingestion, normalization, enrichment, and analytics

Support SIEM development activities, including migration execution, validation, and reporting

Collaborate with the Integration and Architecture teams to design, document, build, secure and maintain Elasticsearch, Logstash, Kibana (and X-Pack) enterprise solutions in both cloud and on-premises environments

Work closely with architects, engineers and integrators to assess customer requirements and design Elasticsearch Stack solutions that meet data compliance and performance needs

Follow the development lifecycle processes to transition solutions from Dev to Test to Production environments

Participate in Agile sprint meetings, share progress and ensure that the development aligns with project and customer requirements

Serve as a subject matter expert and trusted advisor, providing guidance and best practice recommendations for Elasticsearch deployments

Configure and maintain Linux-based operating systems (including updates and version upgrades) to support the Elasticsearch platform

Install, configure and manage Elastic Cloud Enterprise (ECE) solutions, ensuring seamless communication and integration among Elasticsearch components and data sources

Create detailed installation and configuration documentation to support deployment

Secure the solution by implementing TLS, certificates, SSO/PIV authentication and encryption technologies

Collaborate with the data lifecycle management team to ensure optimal data flow and integrity

Troubleshoot and monitor data flows and the overall health of the Elasticsearch solution to maximize performance and minimize downtime

Provide regular status updates and analysis of alternatives in daily sprint meetings

Build and maintain effective working relationships across departments and teams to coordinate work and deliver results on schedule

Recommend and implement enhancements to optimize business intelligence processes

Qualification

ElasticsearchSIEMJavaSQL ServerCompTIA Security+REST APIAgileLinuxPythonPowerShellCISSPCISMCISACEH

Required

Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field or relevant experience in lieu of degree

2+ years of relevant experience

CompTIA Security + certification

Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking

Applicants must hold and maintain an active Secret clearance

Experience in software development using Java with an IDE (e.g., Eclipse, CodeReady)

Proficiency in parsing file formats (e.g., JSON, XML, CSV)

Knowledge of SQL Server database design, programming, tuning and writing SQL queries/procedures

Experience in developing/automating test procedures

Familiarity with REST API web services client development

Experience with release management, build tools (e.g., Maven, Jenkins) and configuration tools (e.g., SVN)

Understanding of secure coding practices, including encryption (e.g., certificates, TLS connections)

Preferred

Experience with SAML authentication and familiarity with domain structures, user authentication and PKI

Experience with Messaging Queues (e.g., RabbitMQ)

Knowledge of Microsoft SQL

Experience with programming and regular expressions (XML, Java, JSON, Python, PowerShell, Painless, Grok)

Relevant security certifications such as CISSP, CISM, CISA, Security+ or CEH

Understanding of the relationship between critical infrastructure protection and cybersecurity

Knowledge and experience with Assessment & Authorization (A&A) processes in federal environments, including familiarity with the NIST Risk Management Framework (RMF)