Senior Elastic Engineer (EDR/Defend Focus)

Senior Elastic Engineer (EDR/Defend Focus)
Schriever SFB
Colorado Springs, CO

HX5 is an award-winning provider of engineering, research and development, and technical services to clients such as NASA and the Department of Defense. Founded in 2004, HX5 is a fast-growing veteran- and woman-owned company with locations nationwide.

HX5 is currently seeking a qualified Senior Elastic Engineer (EDR/Defend Focus) to support the Missile Defense Agency (MDA) on the Integrated Research and Development for Enterprise Solutions (IRES) contract at Schriever Air Force Base in Colorado Springs, CO.

Essential Duties and Responsibilities:

• Be a key contributor to the design, implementation, and maintenance of our Elastic Stack environment, with a primary
  focus on leveraging Elastic EDR and Defend capabilities to enhance our cybersecurity posture.
• Be responsible for ensuring the security, scalability, and performance of our Elastic Stack infrastructure, and will work
  closely with other teams to integrate it with existing security tools and workflows.
• Architect, deploy, and maintain a highly available and scalable Elastic Stack environment, specializing in Elastic EDR/
  Defend.
• Configure and optimize Elastic EDR/Defend policies and data pipelines for threat detection, prevention, and security
  event enrichment.
• Develop and maintain Kibana dashboards and visualizations for real-time security monitoring, threat identification, and
  incident response tracking.
• Perform proactive threat hunting and in-depth security analysis using Elastic EDR/Defend capabilities.
• Troubleshoot complex Elastic Stack issues, develop comprehensive documentation, and mentor junior engineers to
  ensure operational excellence.

The successful candidate will have:

• Expert knowledge of the Elastic Stack (Elasticsearch, Logstash, Kibana)
• Expert knowledge of Elastic EDR and Defend capabilities
• Strong understanding of data indexing, sharding, replication, and data lifecycle management.
• Strong understanding of Linux and Windows operating systems
• Strong understanding of security principles, threat detection, and incident response.
• Knowledge of common coding flaws and security vulnerabilities.
• Knowledge of network protocols and security concepts.
• Knowledge of security frameworks and compliance standards (e.g., NIST, FedRAMP).
• Ability to interpret and incorporate data from multiple tool sources.
• Ability to analyze complex requirements and translate them into clear, actionable tasks.
• Ability to work independently and as part of a team.
• Excellent communication and interpersonal skills.

Salary: This position is expected to pay $130,000 - $150,000 annually; depending on experience, education, and any certifications that are directly related to the position.

Education and Experience:

• Must have 10, or more, years of general (full-time) work experience
• May be reduced with completion of advanced education
• Must have 5, or more, years of experience working with the Elastic Stack (Elasticsearch, Logstash, Kibana).
• Must have 3, or more, years of experience specifically implementing and managing Elastic EDR and Defend solutions.
• Must have 2, or more, years of experience in a lead or senior role, mentoring and guiding other team members.
• Must have 1, or more, years of experience working in a management or leadership role
• Must have a strong understanding of security principles, threat detection, and incident response.
• Must have experience with data ingestion, processing, and enrichment techniques.
• Must be proficient in at least one scripting language (e.g., Python, Bash, PowerShell).
• Must have a current DoD 8570.01-M IAT Level II certification with Continuing Education (CE) - (CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP).
• Must have an active DoD Secret Security Clearance.
• Must be able to obtain an active DoD Top Secret Security Clearance

Desired Requirements:

• Have experience with Linux and Windows Server administration.
• Have experience with containerization technologies (Docker, Kubernetes).
• Have experience with automation tools (Ansible, Puppet, Chef).
• Have experience with cloud platforms (AWS, Azure, GCP).
• Have experience with SIEM technologies and security event management.
• Have experience with security frameworks and compliance standards (e.g., NIST, FedRAMP).
• Have a strong understanding of network protocols and security concepts.
• Have experience with threat intelligence platforms and data feeds.
• Have 1, or more, relevant security certifications (e.g., CISSP, CISM, CEH).
• Have experience tuning and optimizing Elastic EDR and Defend for specific threat landscapes.

Position Type/Expected Hours of Work:

This is a full-time position requiring 40 hours per week and offers a flexible work schedule Monday through Friday during core business hours.

Other Position Requirements:

• Proof of U.S. Citizenship or US Permanent Residency is a requirement for this position.
• Must be able to complete a U.S. government background investigation.
• Must be able to travel, including air travel up to 10%.
• Must have a valid Drivers License.

HX5 offers a competitive salary and benefits package to include:

• Medical/Dental/Vision Insurance
• 401(k) plan with Company Match
• Paid Holidays
• Paid Time Off
• Parental Leave
• Life Insurance
• Tuition Reimbursement
• Medical and Dependent Care Flexible Spending Accounts
• Pet Insurance

HX5, LLC is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, age, national origin, ancestry, citizenship, disability, or veteran status.

HX5, LLC is a Drug Free Workplace Employer.

ACCESSIBILITY NOTICE:
If you need a reasonable accommodation for any part of the employment process due to a physical or mental disability, please call (850) 362-6551.

CJ