TIAG is seeking an experienced Data Engineer with a strong focus on ELK Stack to join our team supporting the Commander, Navy Installations Command (CNIC) N6 Public Safety Systems (PSS) program. This role will be instrumental in designing, implementing, and optimizing our Security Information and Event Management (SIEM) solutions, with a particular emphasis on the ELK (Elasticsearch, Logstash, Kibana) stack.
This role requires a blend of security engineering, data pipeline management, and system transition expertise to ensure robust monitoring, alerting, and analysis capabilities for critical public safety systems. As a self-starter, you will be expected to drive initiatives and take ownership of tasks within our SAFe (Scaled Agile Framework) environment.
This position is remote and requires an active Secret-level security clearance to be considered.
ELK Stack & SIEM Responsibilities:
- Design, implement, and maintain ELK Stack deployments, including Elasticsearch clusters, Kibana dashboards, and data ingest pipelines using Logstash and NiFi.
- Develop and optimize Kibana dashboards and visualizations for security monitoring, operational insights, and threat hunting.
- Configure and manage alerting mechanisms within the ELK stack to provide real-time notification of security incidents and critical system events.
- Leverage Elastic Machine Learning capabilities to identify anomalies, detect threats, and enhance security posture.
- Integrate diverse data sources into the SIEM, ensuring comprehensive log collection and correlation.
- Troubleshoot and resolve complex issues related to ELK stack performance, data ingestion, and alerting, demonstrating self-sufficiency in problem-solving.
System Design & Transition:
- Contribute to technical reviews and meetings, offering insights on SIEM design readiness and transition strategies.
- Perform software/engineering analysis on operational and system requirements, ensuring they're met during SIEM implementation and transition.
- Provide input to system and software engineering design and implementation plans, optimizing for SIEM deployment performance and scalability.
- Review and contribute to high-level functional block diagrams and descriptions of PSS systems, including TLDD and modeling tools (UAF, SysML), with a focus on SIEM integration points.
- Draft requirements and architectural white papers to support SIEM transition solutions.
- Provide inputs for Installation Design Packages (IDPs), ensuring complete SIEM system installation plans.
- Support the design, configuration, testing, and operation of testbeds to validate SIEM designs pre-production.
- Define and present risk-benefit tradeoffs at design reviews, especially those impacting SIEM transition and performance.
- Manage and participate in the transition of SIEM services, products, and materials to a new contractor, providing necessary guidance and documentation.
- Compile and provide all applicable current and historical documentation for transitions, including SIEM designs, configurations, and diagrams.
Automation & Data Flow:
- Utilize Argo (Workflows/CD) for automating ELK stack deployments, configuration management, and data pipeline orchestration.
- Develop and manage data flows using Apache NiFi to efficiently collect, process, and route security logs and other relevant data into the ELK stack.
Agile and Collaborative Environment:
- Work effectively and proactively within a SAFe (Scaled Agile Framework) environment, contributing to program increments and fostering cross-team collaboration.
- Demonstrate strong initiative and self-direction in managing individual tasks and contributing to team goals within an agile construct.
- Actively participate in agile ceremonies (e.g., PI Planning, Sprint Reviews) and adapt to evolving requirements.
Security Principles & Best Practices:
- Apply security best practices to ELK stack deployments and data handling.
- Contribute to lifecycle sustainment and End-Of-Life (EOL) planning for SIEM components.
General Engineering Support:
- Support system configuration and data management efforts, including direct CM process support and creating configuration documents.
- Coordinate with development teams on integration, change, data, and configuration management tracking from design through end-of-life for SIEM-related assets.
- Contribute to new technical Interface Control Documents (ICD)/CONOPS for program architecture expansion, focusing on data ingest and SIEM integration.
- Conduct engineering analyses for long-range planning, supporting the development of an advanced technology base for security monitoring.
- Prepare planning documents, such as Plans of Action and Milestones (POA&M), for installation execution.
Required Skills & Experience:
- Bachelor's degree in Computer Science, Engineering, or a related field.
- 8+ years of highly relevant, progressive experience in the following areas:
- ELK Stack Expertise to include hands-on experience designing, implementing, and maintaining large-scale Elasticsearch clusters (including multi-node, distributed architectures), Kibana dashboards (advanced visualizations, custom plugins), and complex data ingest pipelines (Logstash, Beats, NiFi).
- Proven track record in configuring and managing alerting mechanisms (Watchers, Alerting APIs) and leveraging Elastic Machine Learning for anomaly detection and threat hunting.
- Demonstrated ability to troubleshoot and resolve complex ELK stack performance, data ingestion, and alerting issues independently.
- SIEM Solutions experience with the design, implementation, and optimization of Security Information and Event Management (SIEM) solutions, with ELK as a primary focus.
- Data Engineering & Automation experience with data pipeline development and management using tools like Apache NiFi for efficient data collection, processing, transformation, and routing.
- Hands-on experience with automation tools, specifically Argo (Workflows/CD) or similar (e.g., Kubernetes, Ansible, Terraform) for CI/CD, infrastructure as code, and automated deployments of complex systems.
- Proficiency in scripting (e.g., Python, Bash, PowerShell) for automation, data manipulation, and system management.
- System Design & Transition experience contributing to and leading technical reviews, especially regarding SIEM design readiness and complex system transition strategies.
- Ability to perform in-depth software/engineering analysis on operational and system requirements, ensuring successful implementation and transition for critical systems.
- Direct experience managing and participating in transitions of critical services, products, and documentation to new contractors or teams.
- Relevant certifications (e.g., Certified Data Professional, AWS Certified Data Analytics - Specialty).
- SAFe certifications (e.g., SAFe Practitioner, SAFe Scrum Master).
TIAG is a federal contractor and an equal opportunity and affirmative action employer that does not discriminate and employment decisions shall be based solely on merit and without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.
This policy applies to all terms and conditions of employment. To achieve our goal of equal opportunity, TIAG maintains an affirmative action plan through which it makes good faith efforts to recruit, hire, and advance in employment qualified individuals with disabilities and protected veterans.
Pay Range: $135,000 - $165,000 per year