Elastic Engineer

Zachary Piper Solutions is seeking an Elastic Engineer to support a mission-critical federal program at Schriever Space Force Base (SFB). This on-site role focuses on designing, implementing, and maintaining large-scale log ingestion architectures using the Elastic Stack. The ideal candidate brings deep expertise in Logstash pipeline engineering, ECS normalization, and high-volume ingestion across heterogeneous data sources, including restricted and air-gapped environments.

Responsibilities of the Elastic Engineer include:

• Design and deploy ingestion pipelines for:
  • Endpoint security telemetry
  • Network devices and firewalls
  • Cloud security platforms
  • Linux audit logs
  • Windows Event Logs
  • Kubernetes/OpenShift logs
  • Custom application logs
• Normalize incoming data into Elastic Common Schema (ECS) compliant formats
• Implement parsing using Grok , Dissect , KV , JSON decoding , and Translate filters
• Design and manage multi-pipeline Logstash architectures , including pipeline-to-pipeline routing and output isolator patterns
• Tune Logstash JVM performance and troubleshoot ingestion bottlenecks
• Deploy and manage Elastic Agents using Fleet Server and centralized policy management
• Support air-gapped artifact and package repositories
• Implement ingestion resiliency, redundancy, and failover strategies
• Validate ingestion correctness, ECS alignment, and lifecycle management compliance
• Support high-availability production environments, including restricted and disconnected networks

Qualifications for the Elastic Engineer include:

• 3+ years of hands-on Elastic Stack experience
• Advanced Logstash pipeline engineering expertise
• Strong knowledge of Elastic Common Schema (ECS)
• Linux administration experience
• Proven experience troubleshooting high-volume ingestion and pipeline performance issues

Preferred Qualifications:

• Experience with air-gapped Elastic deployments
• Kubernetes/OpenShift logging ingestion experience
• Elastic Defend and SIEM ingestion experience
• Automation experience with Ansible , Python, Bash, or similar scripting tools

Success Metrics:

• Improved ingestion reliability and resiliency
• Reduced dropped or malformed events
• Increased pipeline throughput and stability
• Consistent, standardized ECS mapping implementation

Position Details:

• Location: Schriever Space Force Base (SFB)
• Environment: On-site, secure facility
• Collaboration with cybersecurity, platform engineering, and mission operations teams

Compensation for the Elastic Engineer includes:

• Salary Range: (depends on experience)
• Benefits: Medical, Dental, Vision, 401K, PTO, Sick Leave (as required), Holidays

Keywords:

#LI-RE1 #LI-Onsite elastic engineer, elastic stack, logstash, kibana, elasticsearch, elastic agent, fleet server, ingestion pipelines, ECS, elastic common schema, grok, dissect, kv filter, json filter, translate filter, multi-pipeline logstash, pipeline-to-pipeline routing, output isolator, JVM tuning, ingestion performance, high-volume logging, linux, air-gapped environments, restricted networks, SIEM ingestion, elastic defend, kubernetes logging, openshift logging, ansible automation, scripting, python, bash, endpoint telemetry, cloud security logs, windows event logs, linux audit logs, network device logs, observability, data normalization, schriever SFB, cleared engineer, federal security, mission-critical systems.