Apply on Employer Site

ShorePoint Inc · 2 days ago

Elasticsearch Architect (Top Secret Clearance)

Aurora, CO

Full-time

Onsite

Entry, Mid Level

2+ years exp

ShorePoint Inc is a fast-growing cybersecurity services firm focused on high-profile customers. They are seeking an Elasticsearch Architect to assess and improve Elasticsearch deployments, design containerized solutions, and collaborate with various teams to ensure optimal performance and compliance in both cloud and on-premises environments.

Cyber SecurityNetwork SecuritySecurity

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Hiring Manager

Pam P.

Responsibilities

Assess current Elasticsearch deployment and architecture, including validation of ingestion patterns, index lifecycle management (ILM) and data retention configurations

Ingest and normalize at least five data sources using the Elastic Common Schema (ECS) format

Verify ILM policies and retention requirements and perform upgrades of the existing Elastic Stack as needed

Provide enablement for dashboards and SIEM capabilities following ingestion, validation and upgrade activities

Design and implement containerized Elastic deployments to support multiple Docker containers per server, including deployment of Elastic Agent and Defender

Collaborate with the Integration and Architecture teams to design, document, build, secure and maintain Elasticsearch, Logstash, Kibana (and X-Pack) enterprise solutions in both cloud and on-premises environments

Work closely with architects, engineers and integrators to assess customer requirements and design Elasticsearch Stack solutions that meet data compliance and performance needs

Follow the development lifecycle processes to transition solutions from Dev to Test to Production environments

Participate in Agile sprint meetings, share progress and ensure that the development aligns with project and customer requirements

Serve as a subject matter expert and trusted advisor, providing guidance and best practice recommendations for Elasticsearch deployments

Configure and maintain Linux-based operating systems (including updates and version upgrades) to support the Elasticsearch platform

Install, configure and manage Elastic Cloud Enterprise (ECE) solutions, ensuring seamless communication and integration among Elasticsearch components and data sources

Create detailed installation and configuration documentation to support deployment

Secure the solution by implementing TLS, certificates, SSO/PIV authentication and encryption technologies

Collaborate with the data lifecycle management team to ensure optimal data flow and integrity

Troubleshoot and monitor data flows and the overall health of the Elasticsearch solution to maximize performance and minimize downtime

Build and maintain effective working relationships across departments and teams to coordinate work and deliver results on schedule

Recommend and implement enhancements to optimize business intelligence processes

Qualification

ElasticsearchJavaLinuxSQL ServerREST APISAML authenticationElastic Cloud EnterpriseSecure coding practicesCritical thinkingTeam collaborationCommunication skills

Required

Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field or relevant experience in lieu of degree

2+ years of relevant experience

Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking

Applicants must hold and maintain an active Top Secret clearance

Experience in software development using Java with an IDE (e.g., Eclipse, CodeReady)

Proficiency in parsing file formats (e.g., JSON, XML, CSV)

Knowledge of SQL Server database design, programming, tuning and writing SQL queries/procedures

Experience in developing/automating test procedures

Familiarity with REST API web services client development

Experience with release management, build tools (e.g., Maven, Jenkins) and configuration tools (e.g., SVN)

Understanding of secure coding practices, including encryption (e.g., certificates, TLS connections)

Preferred

Experience with SAML authentication and familiarity with domain structures, user authentication and PKI

Experience with Messaging Queues (e.g., RabbitMQ)

Knowledge of Microsoft SQL

Experience with programming and regular expressions (XML, Java, JSON, Python, PowerShell, Painless, Grok)

Relevant security certifications such as CISSP, CISM, CISA, Security+ or CEH

Understanding of the relationship between critical infrastructure protection and cybersecurity

Knowledge and experience with Assessment & Authorization (A&A) processes in federal environments, including familiarity with the NIST Risk Management Framework (RMF)